Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/iortcw-1.51.c+dfsg1/MP/MAIN/UI/menudef.h Examining data/iortcw-1.51.c+dfsg1/MP/MAIN/ui_mp/menudef.h Examining data/iortcw-1.51.c+dfsg1/MP/code/asm/ftola.c Examining data/iortcw-1.51.c+dfsg1/MP/code/asm/qasm-inline.h Examining data/iortcw-1.51.c+dfsg1/MP/code/asm/qasm.h Examining data/iortcw-1.51.c+dfsg1/MP/code/asm/snapvector.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/aasfile.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bsp.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_cluster.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_cluster.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_debug.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_debug.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_def.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_entity.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_entity.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_file.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_file.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_funcs.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_move.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_move.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_optimize.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_optimize.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c Examining
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routealt.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routealt.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_sample.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_sample.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_gen.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_gen.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_move.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_move.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ea.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ea.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_interface.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_interface.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/botai.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/botlib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_crc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_crc.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.h Examining 
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_memory.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_memory.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.c Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.h Examining data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_utils.h Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_drawtools.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_flamethrower.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_localents.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_marks.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_playerstate.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_predict.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c Examining 
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_syscalls.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_trails.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c Examining data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_avi.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_curl.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_curl.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_input.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_net_chan.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_ui.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/client.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/keycodes.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/keys.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/qal.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/qal.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_adpcm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_altivec.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec_ogg.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec_opus.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec_wav.c Examining 
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_mem.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_mix.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/client/snd_wavelet.c Examining data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_characters.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_events.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_func_attack.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_func_boss1.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_global.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_ents.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_sight.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_think.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c 
Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_misc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_pmove.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/bg_slidemove.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/chars.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_active.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_alarm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_antilag.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_mem.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_mover.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_session.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c 
Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_syscalls.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_tramcar.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c Examining data/iortcw-1.51.c+dfsg1/MP/code/game/inv.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/match.h Examining data/iortcw-1.51.c+dfsg1/MP/code/game/syn.h Examining data/iortcw-1.51.c+dfsg1/MP/code/null/mac_net.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_client.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_glimp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_input.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_net.c Examining data/iortcw-1.51.c+dfsg1/MP/code/null/null_snddma.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_load.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_patch.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_patch.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_test.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_trace.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/huffman.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/json.h Examining 
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md4.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/puff.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/puff.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_math.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_platform.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/surfaceflags.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_interpreted.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_none.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc_asm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc_asm.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.h Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_x86.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c Examining data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/anorms256.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/qgl.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_animation.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_backend.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c Examining 
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_cmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_curve.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_dsa.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_dsa.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_extensions.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_extramath.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_extramath.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_extratypes.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_fbo.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_fbo.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_flares.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_font.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_bmp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_dds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_jpg.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_pcx.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_png.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_light.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_marks.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_mesh.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_noise.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_postprocess.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_postprocess.h Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_scene.c Examining 
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shade.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shade_calc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shadows.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_sky.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_subs.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_surface.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c Examining data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_world.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/anorms256.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/iqm.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/qgl.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_altivec.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_animation.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_backend.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bloom.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_cmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_cmesh.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_curve.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_flares.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_font.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_bmp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_jpg.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_pcx.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_png.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_light.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c 
Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_marks.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_mesh.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model_iqm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_noise.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_scene.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade_calc.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shadows.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_subs.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_surface.c Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h Examining data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_world.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_gamma.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_icon.h Examining data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_input.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_snd.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/server.h Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_bot.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_net_chan.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_snapshot.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_wallhack.c Examining data/iortcw-1.51.c+dfsg1/MP/code/server/sv_world.c Examining 
data/iortcw-1.51.c+dfsg1/MP/code/splines/math_angles.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_angles.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_matrix.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_matrix.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_quaternion.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_quaternion.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_vector.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/math_vector.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/util_list.h Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp Examining data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/con_log.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/con_passive.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_loadlib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/win_resource.h Examining data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c Examining data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c Examining data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/mathlib.h Examining data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/opstrings.h Examining data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c 
Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_public.h Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h Examining data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_syscalls.c Examining data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.c Examining data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.h Examining data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/unzip.c Examining data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/unzip.h Examining data/iortcw-1.51.c+dfsg1/SP/code/asm/ftola.c Examining data/iortcw-1.51.c+dfsg1/SP/code/asm/qasm-inline.h Examining data/iortcw-1.51.c+dfsg1/SP/code/asm/qasm.h Examining data/iortcw-1.51.c+dfsg1/SP/code/asm/snapvector.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/aasfile.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bsp.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_cluster.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_cluster.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_debug.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_debug.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_def.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_entity.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_entity.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_file.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_file.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_funcs.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.h Examining 
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_move.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_move.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_optimize.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_optimize.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routealt.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routealt.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_sample.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_sample.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_gen.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_gen.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_move.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_move.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ea.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ea.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_interface.c Examining 
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_interface.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/botai.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/botlib.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_crc.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_crc.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_memory.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_memory.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.c Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.h Examining data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_utils.h Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_drawtools.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_flamethrower.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_localents.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_marks.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c Examining data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c Examining 
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/sys/win_resource.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/mathlib.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/opstrings.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_public.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_syscalls.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.h
Examining data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/unzip.c
Examining data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/unzip.h
Examining data/iortcw-1.51.c+dfsg1/SP/main/ui/menudef.h

FINAL RESULTS:

data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:647:2: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120).
  Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  strncat(fn, filename, sizeof(fn)-1);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:647:2: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120).
  Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  strncat(fn, filename, sizeof(fn)-1);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:470:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( epair->key, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:478:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( epair->value, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:171:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ( *aasworld ).configstrings[i], configstrings[i] );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.h:43:62: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL AAS_Error(char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:198:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ch->c[i].value.string, defaultch->c[i].value.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:223:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ch->filename, charfile );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:290:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( ch->c[index].value.string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:510:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( out->filename, ch1->filename );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:529:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( out->c[i].value.string, ch1->c[i].value.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:728:8: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( synonym->string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:929:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( ptr, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:945:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf( &ptr[strlen( ptr )], "%cr%s%c", ESCAPE_CHAR, token.string, ESCAPE_CHAR );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1043:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( random->string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1071:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( randomstring->string, chatmessagestring );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1252:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( matchstring->string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1587:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( s->string, temp );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1839:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( namebuffer, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1847:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( key->string, namebuffer );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1859:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( key->string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1889:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( chatmessage->chatmessage, chatmessagestring );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2046:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( chatmessage->chatmessage, chatmessagestring );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2235:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( &outputbuf[len], temp );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2262:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( &outputbuf[len], ptr );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2300:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( srcmessage, message );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2306:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( srcmessage, chatstate->chatmessage );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2533:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( match.string, message );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:367:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( config->weights[config->numweights].name, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/botlib.h:192:73: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void (QDECL *Print)(int type, char *fmt, ...) __attribute__ ((format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:91:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( v->name, var_name );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:195:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( v->string, value );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:246:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( v->string, value );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c:140:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  vfprintf( logfile.fp, fmt, ap );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c:165:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  vfprintf( logfile.fp, fmt, ap );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.h:47:62: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL Log_Write(char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.h:49:73: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL Log_WriteTimeStamped(char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:483:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( t1->string, t2->string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:491:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( t1->string, &t2->string[1] );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:679:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( define->name, builtin[i].string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:721:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( token->string, source->scriptstack->filename );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1191:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( define->name, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1425:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( newdefine->name, define->name );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2727:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( token->string, newtoken.string + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2963:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( source->includepath, PATHSEPERATOR_STR );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:3175:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pc_token->string, token.string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:3199:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( filename, sourceFiles[handle]->filename );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.h:153:82: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL SourceError(source_t *source, char *str, ...) __attribute__ ((format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.h:155:85: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL SourceWarning(source_t *source, char *str, ...) __attribute__ ((format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.h:257:82: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL ScriptError(script_t *script, char *str, ...) __attribute__ ((format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.h:259:84: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL ScriptWarning(script_t *script, char *str, ...) __attribute__ ((format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:130:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( targetName, S_COLOR_WHITE );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:255:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( attackerName, S_COLOR_WHITE );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1784:70: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL CG_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1785:79: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  void QDECL CG_Error( const char *msg, ... ) __attribute__ ((noreturn, format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:58:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( systemChat, p );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:60:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( teamChat2, teamChat1 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:61:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( teamChat1, p );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1374:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( token, CG_TranslateString( temp ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1394:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( token, CG_TranslateString( temp ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c:179:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( prevmap, curmap ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:341:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( bigConfigString, s ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:350:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( bigConfigString, s ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:1476:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( cinTable[currentHandle].fileName, name ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2011:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd, Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3304:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( groupStr, Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3306:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( itemStr, Cmd_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3309:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( itemStr, Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3407:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL CL_RefPrintf( int print_level, const char *fmt, ...) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3699:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( fileName, va( "translations/%s.cfg", Cmd_Argv( 1 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5169:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( cl.limboChatMsgs[i], cl.limboChatMsgs[i - 1] ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5436:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( format_org, va( "%c%c ", '%', original[i + 1] ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5450:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat( format_trans, va( "%c%c ", '%', translated[i + 1] ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5513:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( cl.translationVersion, token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5528:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( original, token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5542:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( translated[LANGUAGE_FRENCH], token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5557:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( translated[LANGUAGE_GERMAN], token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5572:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( translated[LANGUAGE_ITALIAN], token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5587:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( translated[LANGUAGE_SPANISH], token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5714:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buf, string ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5741:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buf + offset, t->translated[currentLanguage] ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5768:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buf + offset, string ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:348:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( string, "RECORDING %s: %ik", clc.demoName, pos / 1024 ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:387:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( string, "VoIP: [%s]", buffer ); data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:324:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (sfx->soundName, name); data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:232:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ptr->filename, filename); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.h:577:81: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void AICast_Printf( int type, const char *fmt, ... 
) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c:158:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ent->classname, cmd ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:981:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, BotRandomOpponentName( bs ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:1247:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, BotRandomOpponentName( bs ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:635:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( buf, wp->name ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.h:231:74: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL BotAI_Print(int type, char *fmt, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:457:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( pch, string ); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:194:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). char *strcat( char *strDestination, const char *strSource ) { data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:223:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). char *strcpy( char *strDestination, const char *strSource ) { data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:2087:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int sscanf( const char *buffer, const char *fmt, ... ) { data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:87:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). char *strcat( char *strDestination, const char *strSource ); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:89:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). char *strcpy( char *strDestination, const char *strSource ); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:107:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int sscanf( const char *buffer, const char *fmt, ... 
) __attribute__ ((format (scanf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:107:80: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. int sscanf( const char *buffer, const char *fmt, ... ) __attribute__ ((format (scanf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/game/bg_public.h:1703:78: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL BG_AnimParseError( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:94:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( string + stringlength, entry ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:994:72: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_LogPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:996:69: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_Printf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:997:70: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_DPrintf( const char *fmt, ... 
) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:998:78: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_Error( const char *fmt, ... ) __attribute__ ((noreturn, format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:76:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL PrintMsg( gentity_t *ent, const char *fmt, ... ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1010:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( string + stringlength, entry ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:55:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( remappedShaders[i].newShader,newShader ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:61:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( remappedShaders[remapCount].newShader,newShader ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:62:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( remappedShaders[remapCount].oldShader,oldShader ); data/iortcw-1.51.c+dfsg1/MP/code/null/null_main.c:39:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf (error,argptr); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:405:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd_args, cmd_argv[i] ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:430:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd_args, cmd_argv[i] ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1206:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( out, in ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2055:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( b, s ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2543:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( &cl_cdkey[16], buffer ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2366:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( buildBuffer[i].name, filename_inzip ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2457:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( zpath, zname ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2676:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( listbuf, pFiles[i] ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2895:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(listbuf, name); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2897:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(listbuf, description); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3263:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( pak->pakGamename, dir ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1480:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (newi, s); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1481:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (s, newi); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1521:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:213:23: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define Q_vsnprintf vsnprintf data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:823:66: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseError( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:824:68: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseWarning( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:863:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:960:60: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. char * QDECL va(char *format, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:981:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. void QDECL Com_Error( int level, const char *error, ... ) __attribute__ ((noreturn, format(printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:982:71: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:191:117: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL NET_OutOfBandPrint( netsrc_t net_socket, netadr_t adr, const char *format, ...) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:773:87: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL FS_Printf( fileHandle_t f, const char *fmt, ... ) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:933:73: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Printf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:934:74: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:935:91: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Error( int code, const char *fmt, ... 
) __attribute__ ((noreturn, format(printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:1213:81: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Sys_Error( const char *error, ...) __attribute__ ((noreturn, format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2639:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( w->entityString, p ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2787:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(spawnVarChars + numSpawnVarChars, keyname); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2791:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(spawnVarChars + numSpawnVarChars, com_token); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:2205:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( image->imgName, name ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_jpg.c:43:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. # error Need system libjpeg >= 80 or jpeg_mem_ support data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, name); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3831:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( textEnd, buffers[i] ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2069:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( w->entityString, p ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1149:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( image->imgName, name ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_jpg.c:43:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. # error Need system libjpeg >= 80 or jpeg_mem_ support data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, name); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_public.h:125:86: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (QDECL *Printf)( int printLevel, const char *fmt, ...) 
__attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_public.h:128:95: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (QDECL *Error)( int errorLevel, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:3094:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( textEnd, buffers[i] ); data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:400:94: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL SV_SendServerCommand( client_t *cl, const char *fmt, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_bot.c:174:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL BotImport_Print(int type, char *fmt, ...) { data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1448:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( text, p ); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1488:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(text, p); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:788:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( versionMap[ numVersions ].version, token ); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:793:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( versionMap[ numVersions ].platform, token ); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:803:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( versionMap[ numVersions ].installer, token ); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:588:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( infostring, Cvar_InfoString( CVAR_SERVERINFO ) ); data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:607:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status + statusLength, player ); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1477:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( start, s ); // remove this part data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1545:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1584:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:197:23: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define Q_vsnprintf vsnprintf data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:809:66: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseError( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:810:68: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseWarning( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:861:70: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void Com_ScriptError( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:862:72: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void Com_ScriptWarning( const char *msg, ... 
) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:888:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:982:60: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. char * QDECL va(char *format, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1011:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Error( int level, const char *error, ... ) __attribute__ ((noreturn, format(printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1012:71: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:564:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buff, events[i]->getParam() ); data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:581:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( buff, events[i]->getParam() ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:405:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( newbuffer, m_data->data ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:430:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. void idStr::snprintf data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:149:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. static void snprintf( char *dst, int size, const char *fmt, ... ) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:149:96: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static void snprintf( char *dst, int size, const char *fmt, ... ) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:183:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:255:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:269:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:283:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:313:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:327:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( m_data->data, text.c_str() ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:408:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:445:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( m_data->data, text ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:452:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
static __attribute__ ((format (printf, 1, 2))) void Sys_Warn( char *warning, ... ) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:636:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf( stdout, Q3_VERSION " dedicated server (%s)\n", date ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:638:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf( stdout, Q3_VERSION " client (%s)\n", date ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:691:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp( execArgv[ 0 ], execArgv ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1042:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system( cmdline ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1049:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl( cmdline, cmdline, NULL ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1101:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if ( access( fn, X_OK ) == -1 ) { data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1106:8: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if ( access( fn, X_OK ) == -1 ) { data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1111:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if ( access( fn, X_OK ) == -1 ) { data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:350:8: [4] (shell) ShellExecute: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( !ShellExecute( NULL, "open", url, NULL, NULL, SW_RESTORE ) ) { data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:91:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (filename, "%s%s", filebase, fileinfo.name); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:126:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf (text, error,argptr); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:129:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (text2, "%s\nGetLastError() = %i", text, err); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:150:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
vprintf (error,argptr); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:167:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf (format,argptr); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:185:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf (text, format, argptr); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:231:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:280:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( writedir, gamedir ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:305:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (full, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:308:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (full, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:318:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( full, path ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:321:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf (full, "%s%s", qdir, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:331:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( full, path ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:334:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (full, "%s%s", gamedir, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:347:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (archivename, "%s/%s", archivedir, path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:358:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (b, s); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:825:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (path, extension); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:835:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (temp,path); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:836:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (path,basepath); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:837:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (path,temp); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:926:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dest,src); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:233:10: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return vprintf(fmt, vp); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:497:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf( stderr, fmt, argptr ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:549:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( expanded, "%s_%i", sym, currentFileIndex ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:605:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( expanded, "%s_%i", sym, currentFileIndex ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:927:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, token ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1071:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, token ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1320:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( imageName, outputFilename ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1354:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( imageName, outputFilename ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1433:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( filename, asmFileNames[ i ] ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1496:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( expanded, filename ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1510:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( outputFilename, com_token ); data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1570:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( outputFilename, argv[ i+1 ] ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:41:75: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ( ( format ( printf, 1, 2 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:101:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( infos[count], info ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:167:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( filename, dirptr ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:328:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( filename, dirptr ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1287:75: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ( ( format ( printf, 1, 2 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5388:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( uiInfo.serverStatus.motd, va( "Wolf Multiplayer - Version: %s", Q3_VERSION ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:274:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( &strPool[strPoolIndex], p ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:342:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void PC_SourceWarning(int handle, char *format, ...) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:365:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void PC_SourceError(int handle, char *format, ...) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3956:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( g_nameBind1, DC->translateString( " or " ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3957:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( g_nameBind1, g_nameBind2 ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:396:85: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (*Error)(int level, const char *error, ...) __attribute__ ((noreturn, format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:397:62: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (*Print)(const char *msg, ...) 
__attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:398:63: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (*DPrint)(const char *msg, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:470:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( epair->key, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:478:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( epair->value, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:171:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ( *aasworld ).configstrings[i], configstrings[i] ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.h:43:62: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL AAS_Error(char *fmt, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:198:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ch->c[i].value.string, defaultch->c[i].value.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:223:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ch->filename, charfile ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:290:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ch->c[index].value.string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:510:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( out->filename, ch1->filename ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:529:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( out->c[i].value.string, ch1->c[i].value.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:728:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( synonym->string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:929:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( ptr, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:945:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf( &ptr[strlen( ptr )], "%cr%s%c", ESCAPE_CHAR, token.string, ESCAPE_CHAR ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1043:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( random->string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1071:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( randomstring->string, chatmessagestring ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1252:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( matchstring->string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1587:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( s->string, temp ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1839:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( namebuffer, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1847:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( key->string, namebuffer ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1859:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( key->string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1889:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( chatmessage->chatmessage, chatmessagestring ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2046:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( chatmessage->chatmessage, chatmessagestring ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2235:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( &outputbuf[len], temp ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2262:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( &outputbuf[len], ptr ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2300:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( srcmessage, message ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2306:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( srcmessage, chatstate->chatmessage ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2533:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( match.string, message ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:367:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( config->weights[config->numweights].name, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/botlib.h:192:73: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (QDECL *Print)(int type, char *fmt, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:91:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( v->name, var_name ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:195:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( v->string, value ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:246:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( v->string, value ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c:140:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf( logfile.fp, fmt, ap ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c:165:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf( logfile.fp, fmt, ap ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.h:47:62: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Log_Write(char *fmt, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.h:49:73: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Log_WriteTimeStamped(char *fmt, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:483:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( t1->string, t2->string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:491:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( t1->string, &t2->string[1] ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:679:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( define->name, builtin[i].string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:721:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( token->string, source->scriptstack->filename ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1191:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( define->name, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1425:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( newdefine->name, define->name ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2727:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( token->string, newtoken.string + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2963:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( source->includepath, PATHSEPERATOR_STR ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:3175:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( pc_token->string, token.string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:3199:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( filename, sourceFiles[handle]->filename ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.h:153:82: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL SourceError(source_t *source, char *str, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.h:155:85: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL SourceWarning(source_t *source, char *str, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.h:257:82: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL ScriptError(script_t *script, char *str, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.h:259:84: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL ScriptWarning(script_t *script, char *str, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:128:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat( targetName, S_COLOR_WHITE ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:235:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( attackerName, S_COLOR_WHITE ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1791:70: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL CG_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1792:79: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL CG_Error( const char *msg, ... ) __attribute__ ((noreturn, format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:827:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( translateStrings[i].localname, token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:57:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( systemChat, p ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:59:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( teamChat2, teamChat1 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:60:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( teamChat1, p ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:194:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( prevmap, curmap ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:317:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( bigConfigString, s ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:326:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( bigConfigString, s ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:1499:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( cinTable[currentHandle].fileName, name ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2011:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd, Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3115:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( groupStr, Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3117:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( itemStr, Cmd_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3120:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( itemStr, Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3238:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL CL_RefPrintf( int print_level, const char *fmt, ...) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4886:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( cl.limboChatMsgs[i], cl.limboChatMsgs[i - 1] ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:348:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( string, "RECORDING %s: %ik", clc.demoName, pos / 1024 ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:387:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( string, "VoIP: [%s]", buffer ); data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:315:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (sfx->soundName, name); data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:233:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ptr->filename, filename); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.h:612:81: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void AICast_Printf( int type, const char *fmt, ... ) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_debug.c:158:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( ent->classname, cmd ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:981:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, BotRandomOpponentName( bs ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:1247:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, BotRandomOpponentName( bs ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:635:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( buf, wp->name ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.h:231:74: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
void QDECL BotAI_Print(int type, char *fmt, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:467:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( pch, string ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:226:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). char *strcat( char *strDestination, const char *strSource ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:255:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). char *strcpy( char *strDestination, const char *strSource ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:1958:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int sscanf( const char *buffer, const char *fmt, ... ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:87:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). char *strcat( char *strDestination, const char *strSource ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:89:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
char *strcpy( char *strDestination, const char *strSource ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:107:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int sscanf( const char *buffer, const char *fmt, ... ) __attribute__ ((format (scanf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:107:80: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. int sscanf( const char *buffer, const char *fmt, ... ) __attribute__ ((format (scanf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_public.h:1746:78: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL BG_AnimParseError( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:80:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( string + stringlength, entry ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:958:72: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_LogPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:960:69: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_Printf( const char *fmt, ... 
) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:961:70: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_DPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:962:78: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL G_Error( const char *fmt, ... ) __attribute__ ((noreturn, format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:75:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL PrintMsg( gentity_t *ent, const char *fmt, ... ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:808:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( string + stringlength, entry ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:55:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( remappedShaders[i].newShader,newShader ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:61:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( remappedShaders[remapCount].newShader,newShader ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:62:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( remappedShaders[remapCount].oldShader,oldShader ); data/iortcw-1.51.c+dfsg1/SP/code/null/null_main.c:39:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf (error,argptr); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:406:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd_args, cmd_argv[i] ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:431:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( cmd_args, cmd_argv[i] ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:886:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( out, in ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1606:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( b, s ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2092:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( &cl_cdkey[16], buffer ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2375:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buildBuffer[i].name, filename_inzip ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2466:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( zpath, zname ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2686:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( listbuf, pFiles[i] ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2904:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(listbuf, name); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2906:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(listbuf, description); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3284:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( pak->pakGamename, dir ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1576:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1615:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:210:23: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define Q_vsnprintf vsnprintf data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:835:66: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseError( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:836:68: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void COM_ParseWarning( char *format, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:875:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:965:60: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. char * QDECL va(char *format, ...) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:986:92: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Error( int level, const char *error, ... 
) __attribute__ ((noreturn, format(printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:987:71: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:192:117: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL NET_OutOfBandPrint( netsrc_t net_socket, netadr_t adr, const char *format, ...) __attribute__ ((format (printf, 3, 4))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:734:87: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL FS_Printf( fileHandle_t f, const char *fmt, ... ) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:865:73: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Printf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:866:74: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:867:91: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Com_Error( int code, const char *fmt, ... 
) __attribute__ ((noreturn, format(printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:1132:81: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL Sys_Error( const char *error, ...) __attribute__ ((noreturn, format (printf, 1, 2))); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2636:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( w->entityString, p ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2782:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(spawnVarChars + numSpawnVarChars, keyname); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2786:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(spawnVarChars + numSpawnVarChars, com_token); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:2201:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( image->imgName, name ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_jpg.c:43:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. # error Need system libjpeg >= 80 or jpeg_mem_ support data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, name); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3951:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( textEnd, buffers[i] ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2067:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( w->entityString, p ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1199:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( image->imgName, name ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_jpg.c:43:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. # error Need system libjpeg >= 80 or jpeg_mem_ support data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, name); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_public.h:125:86: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (QDECL *Printf)( int printLevel, const char *fmt, ...) 
__attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_public.h:128:95: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void (QDECL *Error)( int errorLevel, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3208:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( textEnd, buffers[i] ); data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:360:94: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void QDECL SV_SendServerCommand( client_t *cl, const char *fmt, ...) __attribute__ ((format (printf, 2, 3))); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_bot.c:175:32: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. static __attribute__ ((format (printf, 2, 3))) void QDECL BotImport_Print(int type, char *fmt, ...) data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:190:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( savemap, map ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1465:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat( text, p ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1505:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(text, p); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:589:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( infostring, Cvar_InfoString( CVAR_SERVERINFO ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:608:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status + statusLength, player ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1477:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( start, s ); // remove this part data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1545:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1584:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( s, newi ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:194:23: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). 
  Use a constant for the format specification.
  #define Q_vsnprintf vsnprintf
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:821:66: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void COM_ParseError( char *format, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:822:68: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void COM_ParseWarning( char *format, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:873:70: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void Com_ScriptError( const char *msg, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:874:72: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void Com_ScriptWarning( const char *msg, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:899:92: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute__ ((format (printf, 3, 4)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:986:60: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  char * QDECL va(char *format, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1015:92: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Error( int level, const char *error, ... ) __attribute__ ((noreturn, format(printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1016:71: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:564:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buff, events[i]->getParam() );
data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:581:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buff, events[i]->getParam() );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:405:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( newbuffer, m_data->data );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:430:13: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  void idStr::snprintf
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:149:17: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  static void snprintf( char *dst, int size, const char *fmt, ... ) __attribute__ ((format (printf, 3, 4)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:149:96: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static void snprintf( char *dst, int size, const char *fmt, ... ) __attribute__ ((format (printf, 3, 4)));
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:183:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:255:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:269:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:283:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:313:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:327:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( m_data->data, text.c_str() );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:408:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:445:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( m_data->data, text );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:452:32: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static __attribute__ ((format (printf, 1, 2))) void Sys_Warn( char *warning, ... )
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:636:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( stdout, Q3_VERSION " dedicated server (%s)\n", date );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:638:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( stdout, Q3_VERSION " client (%s)\n", date );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:691:3: [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp( execArgv[ 0 ], execArgv );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1044:10: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system( cmdline );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1051:4: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl( cmdline, cmdline, NULL );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1102:7: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ( access( fn, X_OK ) == -1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1107:8: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ( access( fn, X_OK ) == -1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1112:9: [4] (race) access:
  This usually indicates a security flaw.
  If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ( access( fn, X_OK ) == -1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:925:8: [4] (shell) ShellExecute:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ( !ShellExecute( NULL, "open", url, NULL, NULL, SW_RESTORE ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:91:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (filename, "%s%s", filebase, fileinfo.name);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:126:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (text, error,argptr);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:129:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (text2, "%s\nGetLastError() = %i", text, err);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:150:2: [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf (error,argptr);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:167:2: [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf (format,argptr);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:185:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (text, format, argptr);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:231:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:280:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( writedir, gamedir );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:305:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (full, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:308:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (full, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:318:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( full, path );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:321:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (full, "%s%s", qdir, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:331:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( full, path );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:334:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (full, "%s%s", gamedir, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:347:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (archivename, "%s/%s", archivedir, path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:358:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (b, s);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:825:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (path, extension);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:835:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (temp,path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:836:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (path,basepath);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:837:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (path,temp);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:926:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (dest,src);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:233:10: [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  return vprintf(fmt, vp);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:497:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf( stderr, fmt, argptr );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:549:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( expanded, "%s_%i", sym, currentFileIndex );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:605:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( expanded, "%s_%i", sym, currentFileIndex );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:927:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( name, token );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1071:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( name, token );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1320:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( imageName, outputFilename );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1354:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( imageName, outputFilename );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1433:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( filename, asmFileNames[ i ] );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1496:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( expanded, filename );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1510:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( outputFilename, com_token );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1570:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( outputFilename, argv[ i+1 ] );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:41:75: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ( ( format ( printf, 1, 2 ) ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:102:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( infos[count], info );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:166:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( filename, dirptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:290:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( filename, dirptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:946:75: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ( ( format ( printf, 1, 2 ) ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1120:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( translateStrings[i].localname, token );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:346:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( &strPool[strPoolIndex], p );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:415:32: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static __attribute__ ((format (printf, 2, 3))) void PC_SourceWarning(int handle, char *format, ...) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:438:32: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static __attribute__ ((format (printf, 2, 3))) void PC_SourceError(int handle, char *format, ...) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3904:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( g_nameBind1, va( " %s ", DC->getTranslatedString( "or" ) ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3905:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( g_nameBind1, g_nameBind2 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:394:85: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void (*Error)(int level, const char *error, ...) __attribute__ ((noreturn, format (printf, 2, 3)));
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:395:62: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void (*Print)(const char *msg, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:396:63: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void (*DPrint)(const char *msg, ...) __attribute__ ((format (printf, 1, 2)));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c:1966:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  n = ( *aasworld ).numareas * random();
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:821:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  weight = random() * syn->totalweight;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:970:20: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bot_randomlist_t *random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:977:29: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  for ( random = randomlist; random; random = random->next )
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1000:46: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bot_randomlist_t *randomlist, *lastrandom, *random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1048:25: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  lastrandom->next = random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1049:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { randomlist = random;}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1050:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  lastrandom = random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1098:20: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bot_randomlist_t *random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1102:32: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  for ( random = randomstrings; random; random = random->next )
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1105:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  i = random() * random->numstrings;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2356:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  n = random() * numchatmessages;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2591:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  num = random() * numchatmessages;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_gen.c:86:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  index = random() * numranks;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:85:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  float random;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:507:49: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  AAS_FloatForBSPEpairKey( ent, "random", &cs->random );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:683:35: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { return fs->minweight + random() * ( fs->maxweight - fs->minweight );}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:690:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { w1 = fs->minweight + random() * ( fs->maxweight - fs->minweight );}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:694:40: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { w2 = fs->next->minweight + random() * ( fs->next->maxweight - fs->next->minweight );}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:761:35: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { return s->minweight + random() * ( s->maxweight - s->minweight );}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:767:35: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { return s->minweight + random() * ( s->maxweight - s->minweight );}
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:785:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < 0.01 ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:66:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  le->endTime = cg.time + 1000 + random() * 250;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:325:33: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorMA( le->pos.trBase, 2 + random() * 4, dir, le->pos.trBase );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:529:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[0] = dir[0] * ( 0.75 + random() ) * GIB_VELOCITY;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:530:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[1] = dir[1] * ( 0.75 + random() ) * GIB_VELOCITY;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:531:49: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[2] = GIB_JUMP - 50 + dir[2] * ( 0.5 + random() ) * GIB_VELOCITY;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:745:36: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[0] = dir[0] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:746:36: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[1] = dir[1] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:747:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[2] = GIB_JUMP + dir[2] * ( 0.5 + random() ) * GIB_VELOCITY * 0.5;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:788:55: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[0] = ( ( i % 2 ) * 2 - 1 ) * ( 40 + 40 * random() );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:789:63: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[1] = ( ( ( i / 2 ) % 2 ) * 2 - 1 ) * ( 40 + 40 * random() );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:801:83: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, velocity, random() * 360,
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:1486:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  pitchRecoilAdd = pow( random(),8 ) * ( 10 + VectorLength( cg.snap->ps.velocity ) / 5 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:317:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  float rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:332:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  CG_SmokePuff( cent->lerpOrigin, dir, 15 + ( random() * 10 ),
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:340:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    float rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:351:46: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_SmokePuff( cent->lerpOrigin, dir, 40 + random() * 70, //40+(rnd*40),
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:1639:19: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    angles[ROLL] = random() * 90;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:957:55: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = ( le->startTime + 5000 + random() * 5000 ) + endtime;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1044:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[0] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1045:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[1] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1046:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = ( random() * 200 ) + 200;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1051:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[0] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1052:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[1] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1055:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = random() * 200 * materialmul; // randomize sort of a lot so they don't all land together
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1057:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = random() * 20;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1108:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( cgs.media.burnMarkShader, origin, dir, random() * 360, 1,1,1,1, qfalse, 64, qfalse, INT_MAX );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1140:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + 5000 + random() * 3000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1203:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + 5000 + random() * 5000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1282:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[0] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1283:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[1] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1285:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = ( random() * 200 ) + 100; // randomize sort of a lot so they don't all land together
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1287:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = ( random() * 100 ) + 50; // randomize sort of a lot so they don't all land together
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1314:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + 5000 + random() * 5000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1335:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[0] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1336:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[1] += ( ( random() * 100 ) - 50 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1338:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->pos.trDelta[2] = ( random() * 100 ) + 50; // randomize sort of a lot so they don't all land together
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_localents.c:228:94: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace->endpos, trace->plane.normal, random() * 360,
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:766:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cg.headEndTime = cg.time + 100 + random() * 2000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:773:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cg.headEndTime = cg.time + 100 + random() * 2000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:2053:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rndSize = 0.4 + random() * 0.6;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:2270:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    p->vel[2] = random() * 6;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:2430:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    p->vel[2] = random() * 20;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:1995:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    ci->breathPuffTime = cg.time + 3000 + random() * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1011:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random() * voiceChatList->voiceChats[i].numSounds;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:50:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    qboolean random; // TODO
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:101:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    velocity[2] = 200 + 50 * random(); // JPW NERVE
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:105:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + cg_brassTime.integer + ( cg_brassTime.integer / 4 ) * random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:189:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + cg_brassTime.integer + ( cg_brassTime.integer / 4 ) * random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:240:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    velocity[2] = 200 + 50 * random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:322:88: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + ( cg_brassTime.integer * 8 ) + ( cg_brassTime.integer * random() );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:418:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    dir[0] = random() * 0.25;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:420:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    dir[2] = random(); // one direction (so smoke goes side-like)
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:461:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:571:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:2234:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( cgs.media.lightningHitWallShader, cent->pe.teslaEndPoints[i], vec, random() * 360, 0.2, 0.2, 0.2, 1.0, qtrue, 4, qfalse, 300 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:2240:155: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_DynamicLightningBolt( cgs.media.lightningBoltShader, tagPos, cent->pe.teslaEndPoints[i], 1+((cg.time%((i+2)*(i+3)))+i)%2, 20 + (float)(i%3)*5 + 6.0*random(), qtrue, 1.0, 0, i*i*3 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4441:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    pitchRecoilAdd = pow( random(),8 ) * ( 10 + VectorLength( cg.snap->ps.velocity ) / 5 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4635:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->endTime = le->startTime + duration - (int)( 0.5 * random() * duration );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4643:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorMA( le->pos.trBase, 2 + random() * 4, dir, le->pos.trBase );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4704:22: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorMA( pos, 2 + random() * 4, dir, pos );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4731:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    dir[1] * crandom() * speed * randScale, dir[2] * random() * speed );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4771:121: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorSet( unitvel, dir[0] + crandom() * 0.9, dir[1] + crandom() * 0.9, fabs( dir[2] ) > 0.5 ? dir[2] * ( 0.2 + 0.8 * random() ) : random() * 0.6 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4771:134: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorSet( unitvel, dir[0] + crandom() * 0.9, dir[1] + crandom() * 0.9, fabs( dir[2] ) > 0.5 ? dir[2] * ( 0.2 + 0.8 * random() ) : random() * 0.6 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4787:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    timeAdd = 10.0 + random() * 40.0;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4795:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    le->effectWidth = 5 + random() * 5;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5222:19: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5227:19: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 600, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5240:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5252:68: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ParticleExplosion( "blacksmokeanim", sprOrg, sprVel, 6000 + random() * 2000, 40, 400 + random() * 200 ); // JPW NERVE was blacksmokeanimb
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5252:95: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ParticleExplosion( "blacksmokeanim", sprOrg, sprVel, 6000 + random() * 2000, 40, 400 + random() * 200 ); // JPW NERVE was blacksmokeanimb
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5260:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorScale( sprVel,random() * 100 + 300,sprVel );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5261:87: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ParticleExplosion( "explode1", sprOrg, sprVel, 1000 + rand() % 1450, 40, 400 + random() * 200 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5264:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5427:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5432:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 600, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5445:21: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5450:71: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ParticleExplosion( "explode1", sprOrg, sprVel, 1600, 20, 200 + random() * 400 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5461:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    400 + random() * 200, // speed
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5542:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( mark, origin, dir, random() * 360, 1,1,1,1, alphaFade, radius, qfalse, -1 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5624:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( mark, origin, dir, random() * 360, 1,1,1,1, alphaFade, radius, qfalse, INT_MAX );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:5922:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    begin = 50 + random() * ( len - 60 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6050:23: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( !wolfkick && random() < cg_tracerChance.value ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6091:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6092:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorScale( smokedir,25.0 + random() * 25,tmpv );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6112:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6113:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    VectorScale( smokedir,-35.0 + random() * 25,tmpv );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6150:94: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, trace.plane.normal, random() * 360,
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6151:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    1,1,1,1, qtrue, 15 + random() * 20, qfalse, cg_bloodTime.integer * 1000 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6160:95: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, trace.plane.normal, random() * 360,
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:6161:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    1,1,1,1, qtrue, 15 + random() * 10, qfalse, cg_bloodTime.integer * 1000 );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.c:1321:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( ( ( cs->attributes[CAMPER] < random() )
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.c:1326:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( ( cs->attributes[TACTICAL] > 0.3 + random() * 0.5 )
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.c:1861:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( ( cs->attributes[TACTICAL] > 0.11 + random() * 0.5 ) &&
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:121:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    vec[YAW] = random() * 360.0;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:1103:87: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cs->bs->ideal_viewangles[YAW] = AngleMod( cs->bs->ideal_viewangles[YAW] + ( 45.0 + random() * 45.0 ) * ( 2 * ( rand() % 2 ) - 1 ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:2021:88: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cs->bs->ideal_viewangles[YAW] = AngleMod( cs->bs->ideal_viewangles[YAW] + ( 45.0 + random() * 45.0 ) * ( 2 * ( rand() % 2 ) - 1 ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:3613:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cs->bs->ideal_viewangles[PITCH] += 15 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:3630:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    cs->bs->ideal_viewangles[PITCH] += -10 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:4353:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    && cs->attributes[AGGRESSION] < ( random() + 0.5 * cs->attributes[TACTICAL] )
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_funcs.c:4539:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( ( random() * 3.0 + 1.0 < cs->attributes[ATTACK_CROUCH] )
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_ents.c:164:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:247:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    count = random() * numopponents;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:310:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    rnd = random() * 8.9;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:386:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:429:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:473:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:512:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:568:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:616:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    bs->botdeathtype == MOD_BFG_SPLASH ) && random() < 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:636:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    else if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:672:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:707:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    else if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:743:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:798:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd * 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:854:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd * 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:906:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > rnd * 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:962:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if ( random() > bs->thinktime * 0.1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:966:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > rnd ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:969:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.25 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:986:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_MISC, 0, 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:426:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > (float ) 1.0 / ( NumPlayersOnSameTeam( bs ) - 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:561:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:607:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:647:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:729:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:766:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:796:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:821:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:848:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1385:50: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->leadmessage_time = -( trap_AAS_Time() + 2 * random() );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1415:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:393:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * croucher ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:415:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if ( random() < bs->thinktime * 0.3 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:427:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:502:52: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->defendaway_time = trap_AAS_Time() + 2 + 5 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:591:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:601:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * croucher ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:725:56: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->rushbaseaway_time = trap_AAS_Time() + 5 + 10 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:958:44: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->respawn_time = trap_AAS_Time() + 1 + random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1083:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1218:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1329:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * 1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1406:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1420:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else if ( random() < bs->thinktime * 0.8 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1501:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < 0.2 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:198:47: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = trap_AAS_Time() + 2 * random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:200:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:936:52: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  } else { bs->teamgoal_time = 120 + 180 * camper + random() * 15;}
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:975:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  if ( random() > camper ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1057:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r1 = random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1060:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r2 = random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1064:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bestorg[0] += sign * 700 * random() + 50;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1068:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r2 = random();
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1072:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bestorg[1] += sign * 700 * random() + 50;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1075:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bestorg[2] += 3 * 48 * random() - 2 * 48 - 1;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1156:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < jumper ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1160:60: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if ( bs->attackcrouch_time < trap_AAS_Time() - 1 && random() < croucher ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1208:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.935 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1227:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.9 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1616:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1855:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > firethrottle ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2481:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorSet( angles, 0, 360 * random(), 0 );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2544:64: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( m.type == CMS_CHAT && m.time > trap_AAS_Time() - ( 1 + random() ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2599:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < 1.5 / ( NumBots() + 1 ) && random() < chat_reply ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2599:49: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() < 1.5 / ( NumBots() + 1 ) && random() < chat_reply ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1168:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand( (unsigned)time( NULL ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:525:52: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->askteamleader_time = trap_AAS_Time() + 5 + random() * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:527:55: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->becometeamleader_time = trap_AAS_Time() + 5 + random() * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:535:55: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->becometeamleader_time = trap_AAS_Time() + 15 + random() * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:830:6: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  void srand( unsigned seed ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:82:6: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  void srand( unsigned seed );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_active.c:903:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  muzzlebounce[PITCH] -= 0.25 * random() * ( 1.0f - ( level.time - client->sniperRifleFiredTime ) / RIFLE_SHAKE_TIME );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_active.c:940:28: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  velocity[2] += 50 + random() * 35;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:228:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  num = random() * ( num - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:2108:25: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  launchvel[2] = 10 + random() * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c:341:19: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  launchvel[2] = random();
data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c:422:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  launchvel[2] = 10 + random() * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c:437:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c:443:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( random() > 0.5 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_combat.c:842:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( (int)( random() + 0.5 ) ) { // choose one of two possible replacements
data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c:492:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  quantity = ( random() * ( ent->item->quantity - 1 ) ) + 1; // giving 1-<item default count>
data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c:860:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  if ( ent->random ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c:861:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  respawn += crandom() * ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c:1256:37: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:300:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  float random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1106:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand( randomSeed );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:301:39: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:301:57: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:301:75: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:302:36: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:302:49: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:302:62: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:767:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  deg = crandom() * ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:770:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  deg = crandom() * ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:826:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( !ent->random ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:831:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->random = sin( M_PI * ent->random / 180 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:964:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->s.angles2[0] = ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:976:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:977:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->s.time2 = ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:1470:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r = crandom() * self->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:1471:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  u = crandom() * self->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:1645:6: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r = random() * M_PI * 2.0f;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:1656:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  scale = 555 + random() * 1800;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:1658:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  scale = 1200 + random() * 2500;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_mover.c:3160:22: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorScale( vec, random() * (float)self->radius, bat->movedir );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:1290:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( level.time > self->random && has_moved ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:4095:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:4096:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  rval = ent->random * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:4123:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:4124:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rval = ent->random * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:119:25: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  {"random", FOFS( random ), F_FLOAT},
data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:110:51: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:234:37: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:260:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->s.clientNum = ent->random * 10;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:1019:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  dayaw = ent->random;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:1106:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( !( self->random ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:63:52: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:184:37: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:186:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random >= ent->wait && ent->wait >= 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:586:73: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  self->nextthink = level.time + 1000 * ( self->wait + crandom() * self->random );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:603:38: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "1", &self->random );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:609:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( self->random >= self->wait ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:829:41: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bomb->nextthink = level.time + 1000 + random() * 300;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:847:29: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorScale( tmpdir,500 + random() * 500,tmpdir );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:1442:49: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  damage = G_GetWeaponDamage( WP_SILENCER ) + ( random() * 15 ); // JPW giving 40-55
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2370:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *env = getenv(arg1);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2705:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2707:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL));
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:744:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define random() ( ( rand() & 0x7fff ) / ( (float)0x7fff ) )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:745:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define crandom() ( 2.0 * ( random() - 0.5 ) )
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:730:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define random() ( ( rand() & 0x7fff ) / ( (float)0x7fff ) )
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:731:31: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define crandom() ( 2.0 * ( random() - 0.5 ) )
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_loadlib.h:26:37: [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20).
Use registry entry or GetWindowsDirectory to find library path, if you aren't already. # define Sys_LoadLibrary(f) (void*)LoadLibrary(f) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:73:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p1 = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:87:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p1 = getenv( "XDG_DATA_HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:92:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if( ( p2 = getenv( "HOME" ) ) != NULL) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:105:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p1 = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:133:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if( ( p = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:798:37: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *session = getenv( "DESKTOP_SESSION" ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:891:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* term = getenv( "TERM" ); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:103:21: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE shfolder = LoadLibrary("shfolder.dll"); data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:327:8: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if ( !CreateProcess( NULL, va( "%s\\%s", szPathOrig, exeName ), NULL, NULL,FALSE, 0, NULL, NULL, &si, &pi ) ) { data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:327:8: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. 
if ( !CreateProcess( NULL, va( "%s\\%s", szPathOrig, exeName ), NULL, NULL,FALSE, 0, NULL, NULL, &si, &pi ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c:1987:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. n = ( *aasworld ).numareas * random(); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:821:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. weight = random() * syn->totalweight; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:970:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bot_randomlist_t *random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:977:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. for ( random = randomlist; random; random = random->next ) data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1000:46: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bot_randomlist_t *randomlist, *lastrandom, *random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1048:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
lastrandom->next = random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1049:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { randomlist = random;} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1050:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. lastrandom = random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1098:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bot_randomlist_t *random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1102:32: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. for ( random = randomstrings; random; random = random->next ) data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1105:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. i = random() * random->numstrings; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2356:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. n = random() * numchatmessages; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2591:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. num = random() * numchatmessages; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_gen.c:86:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. index = random() * numranks; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:85:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. float random; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:507:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. AAS_FloatForBSPEpairKey( ent, "random", &cs->random ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:683:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { return fs->minweight + random() * ( fs->maxweight - fs->minweight );} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:690:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { w1 = fs->minweight + random() * ( fs->maxweight - fs->minweight );} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:694:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
} else { w2 = fs->next->minweight + random() * ( fs->next->maxweight - fs->next->minweight );} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:761:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { return s->minweight + random() * ( s->maxweight - s->minweight );} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:767:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { return s->minweight + random() * ( s->maxweight - s->minweight );} data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:785:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < 0.01 ) { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:495:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:502:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:67:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
le->endTime = cg.time + 1000 + random() * 250; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:301:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + duration - (int)( 0.5 * random() * duration ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:309:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorMA( le->pos.trBase, 2 + random() * 4, dir, le->pos.trBase ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:522:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[0] = dir[0] * ( 0.75 + random() ) * GIB_VELOCITY; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:523:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[1] = dir[1] * ( 0.75 + random() ) * GIB_VELOCITY; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:524:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[2] = GIB_JUMP - 50 + dir[2] * ( 0.5 + random() ) * GIB_VELOCITY; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:737:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
velocity[0] = dir[0] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:738:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[1] = dir[1] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:739:46: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[2] = GIB_JUMP + dir[2] * ( 0.5 + random() ) * GIB_VELOCITY * 0.5; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:750:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. size = 0.6 + 0.4 * random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:813:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[2] = GIB_JUMP + random() * GIB_VELOCITY; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:815:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[0] = dir[0] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:816:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
velocity[1] = dir[1] * ( 0.5 + random() ) * GIB_VELOCITY * 0.3; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:817:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[2] = GIB_JUMP + dir[2] * ( 0.5 + random() ) * GIB_VELOCITY * 0.5; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:824:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. size = 0.6 + 0.4 * random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:921:54: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[0] = ( ( i % 2 ) * 2 - 1 ) * ( 40 + 40 * random() ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:922:62: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[1] = ( ( ( i / 2 ) % 2 ) * 2 - 1 ) * ( 40 + 40 * random() ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:934:82: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, velocity, random() * 360, data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:1633:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
pitchRecoilAdd = pow( random(),8 ) * ( 10 + VectorLength( cg.snap->ps.velocity ) / 5 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:182:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. velocity[2] = FLY_JUMP - 50 + dir[2] * ( 0.5 + random() ) * FLY_VELOCITY; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:1894:19: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. angles[ROLL] = random() * 90; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:996:55: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = ( le->startTime + 5000 + random() * 5000 ) + endtime; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1004:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 7000 + random() * 5000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1092:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[0] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1093:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
le->pos.trDelta[1] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1094:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[2] = ( random() * 200 ) + 200; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1099:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[0] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1100:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[1] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1103:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[2] = random() * 200 * materialmul; // randomize sort of a lot so they don't all land together data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1105:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[2] = random() * 20; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1169:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
CG_ImpactMark( cgs.media.burnMarkShader, origin, dir, random() * 360, 1,1,1,1, qfalse, 64, qfalse, -1 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1197:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.burnMarkShader, origin, dir, random() * 360, 1,1,1,1, qfalse, 64, qfalse, INT_MAX ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1229:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 5000 + random() * 3000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1292:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 5000 + random() * 5000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1371:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[0] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1372:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[1] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1374:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
le->pos.trDelta[2] = ( random() * 200 ) + 100; // randomize sort of a lot so they don't all land together data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1376:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[2] = ( random() * 100 ) + 50; // randomize sort of a lot so they don't all land together data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1403:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 5000 + random() * 5000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1424:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[0] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1425:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[1] += ( ( random() * 100 ) - 50 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1427:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->pos.trDelta[2] = ( random() * 100 ) + 50; // randomize sort of a lot so they don't all land together data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1485:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
qboolean random; // TODO data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_localents.c:228:94: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace->endpos, trace->plane.normal, random() * 360, data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:686:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:693:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:2149:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rndSize = 0.4 + random() * 0.6; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:2371:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. p->vel[2] = random() * 6; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:2536:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
p->vel[2] = random() * 20; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:2454:74: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.headLookStopTime = cg.time + (int)( stopTime * ( 0.5 + 0.5 * random() ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:2737:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ci->breathPuffTime = cg.time + 3000 + random() * 1000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3277:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRotationTimes[i] = minRotationTime + ( random() * ( maxRotationTime - minRotationTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3278:71: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRadiusCycleTimes[i] = minRadiusCycleTime + ( random() * ( maxRadiusCycleTime - minRadiusCycleTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3306:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRotationTimes[i] = minRotationTime + ( random() * ( maxRotationTime - minRotationTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3307:71: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRadiusCycleTimes[i] = minRadiusCycleTime + ( random() * ( maxRadiusCycleTime - minRadiusCycleTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3475:115: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.nextZombieSpiritSound = cg.time + sndIntervalMin + (int)( (float)( sndIntervalMax - sndIntervalMin ) * random() ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3521:39: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorScale( re->axis[0], 150 + 50 * random(), le->pos.trDelta ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3798:112: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_DynamicLightningBolt( cgs.media.lightningBoltShader, tagPos, cent->pe.lightningPoints[i], 1, 25 + 12.0 * random(), ( cent->currentState.eFlags & EF_MONSTER_EFFECT ) == 0, 1.0, 0, i * i * 2 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:3893:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. colTake = 0.5 + random() * 0.5; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4009:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
cent->pe.zombieSpiritRotationTimes[i] = minRotationTime + ( random() * ( maxRotationTime - minRotationTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4010:71: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRadiusCycleTimes[i] = minRadiusCycleTime + ( random() * ( maxRadiusCycleTime - minRadiusCycleTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4038:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRotationTimes[i] = minRotationTime + ( random() * ( maxRotationTime - minRotationTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4039:71: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.zombieSpiritRadiusCycleTimes[i] = minRadiusCycleTime + ( random() * ( maxRadiusCycleTime - minRadiusCycleTime ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4208:115: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cent->pe.nextZombieSpiritSound = cg.time + sndIntervalMin + (int)( (float)( sndIntervalMax - sndIntervalMin ) * random() ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:5020:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
ci->blinkTime = cg.time + 500 + random() * 4000; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:110:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + cg_brassTime.integer + ( cg_brassTime.integer / 4 ) * random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:197:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + cg_brassTime.integer + ( cg_brassTime.integer / 4 ) * random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:299:88: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + ( cg_brassTime.integer * 8 ) + ( cg_brassTime.integer * random() ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:437:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:439:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dir[0] = random() * 0.25; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:441:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
dir[2] = random(); // one direction (so smoke goes side-like) data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:536:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:2323:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.lightningHitWallShader, cent->pe.teslaEndPoints[i], vec, random() * 360, 0.2, 0.2, 0.2, 1.0, qtrue, 4, qfalse, 300 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:2329:187: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_DynamicLightningBolt( cgs.media.lightningBoltShader, tagPos, cent->pe.teslaEndPoints[i], 1 + ( ( cg.time % ( ( i + 2 ) * ( i + 3 ) ) ) + i ) % 2, 20 + (float)( i % 3 ) * 5 + 6.0 * random(), ( cent->pe.teslaEnemy[i] < 0 ), 1.0, 0, i * i * 3 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4633:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. pitchRecoilAdd = pow( random(),8 ) * ( 10 + VectorLength( cg.snap->ps.velocity ) / 5 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4815:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
le->endTime = le->startTime + duration - (int)( 0.5 * random() * duration ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4823:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorMA( le->pos.trBase, 2 + random() * 4, dir, le->pos.trBase ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4884:22: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorMA( pos, 2 + random() * 4, dir, pos ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4911:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dir[1] * crandom() * speed * randScale, dir[2] * random() * speed ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4934:121: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorSet( unitvel, dir[0] + crandom() * 0.9, dir[1] + crandom() * 0.9, fabs( dir[2] ) > 0.5 ? dir[2] * ( 0.2 + 0.8 * random() ) : random() * 0.6 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4934:134: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorSet( unitvel, dir[0] + crandom() * 0.9, dir[1] + crandom() * 0.9, fabs( dir[2] ) > 0.5 ? 
dir[2] * ( 0.2 + 0.8 * random() ) : random() * 0.6 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4950:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. timeAdd = 10.0 + random() * 40.0; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4958:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->effectWidth = 5 + random() * 5; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5352:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sprOrg[2] = origin[2] + 32 * random(); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5370:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 400 + random() * 300, // speed data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5483:70: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ParticleExplosion( "explode1", sprOrg, sprVel, 1600, 20, 200 + random() * 400 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5492:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
400 + random() * 200, // speed data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5557:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( mark, origin, dir, random() * 360, 1,1,1,1, alphaFade, radius, qfalse, -1 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5639:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( mark, origin, dir, random() * 360, 1,1,1,1, alphaFade, radius, qfalse, INT_MAX ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5905:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. begin = 50 + random() * ( len - 60 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:5988:23: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( !wolfkick && random() < cg_tracerChance.value ) { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:6043:94: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, trace.plane.normal, random() * 360, data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:6044:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
1,1,1,1, qtrue, 15 + random() * 20, qfalse, cg_bloodTime.integer * 1000 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:6053:95: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.bloodDotShaders[rand() % 5], trace.endpos, trace.plane.normal, random() * 360, data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:6054:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 1,1,1,1, qtrue, 15 + random() * 10, qfalse, cg_bloodTime.integer * 1000 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_fight.c:1413:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ( ( cs->attributes[CAMPER] < random() ) data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_fight.c:1418:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ( cs->attributes[TACTICAL] > 0.3 + random() * 0.5 ) data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_fight.c:2009:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ( cs->attributes[TACTICAL] > 0.11 + random() * 0.5 ) && data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_func_boss1.c:763:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
VectorScale( enemyVec, 2.0 * ( 0.6 + 0.5 * random() ) * scale * ( 0.6 + 0.6 * ( 1.0 - ( enemyDist / HEINRICH_STOMP_RANGE ) ) ), enemyVec ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:121:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. vec[YAW] = random() * 360.0; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:1308:79: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cs->ideal_viewangles[YAW] = AngleMod( cs->ideal_viewangles[YAW] + ( 45.0 + random() * 45.0 ) * ( 2 * ( rand() % 2 ) - 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:2237:80: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cs->ideal_viewangles[YAW] = AngleMod( cs->ideal_viewangles[YAW] + ( 45.0 + random() * 45.0 ) * ( 2 * ( rand() % 2 ) - 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:3945:39: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cs->ideal_viewangles[PITCH] += 15 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:3962:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cs->ideal_viewangles[PITCH] += -10 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:4702:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. && cs->attributes[AGGRESSION] < ( random() + 0.5 * cs->attributes[TACTICAL] ) data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_funcs.c:4918:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ( random() * 3.0 + 1.0 < cs->attributes[ATTACK_CROUCH] ) data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_ents.c:164:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:247:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. count = random() * numopponents; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:310:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random() * 8.9; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:386:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:429:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:473:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:512:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:568:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:616:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->botdeathtype == MOD_BFG_SPLASH ) && random() < 0.5 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:636:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:672:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:707:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. else if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:743:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:798:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd * 0.5 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:854:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd * 0.5 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:906:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > rnd * 0.5 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:962:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > bs->thinktime * 0.1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:966:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( random() > rnd ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:969:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > 0.25 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:986:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < trap_Characteristic_BFloat( bs->character, CHARACTERISTIC_CHAT_MISC, 0, 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:426:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > (float ) 1.0 / ( NumPlayersOnSameTeam( bs ) - 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:561:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:607:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:647:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:729:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:766:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:796:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:821:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:848:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1385:50: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
bs->leadmessage_time = -( trap_AAS_Time() + 2 * random() ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1415:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:393:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < bs->thinktime * croucher ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:415:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if ( random() < bs->thinktime * 0.3 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:427:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:502:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->defendaway_time = trap_AAS_Time() + 2 + 5 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:591:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:601:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < bs->thinktime * croucher ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:725:56: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->rushbaseaway_time = trap_AAS_Time() + 5 + 10 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:958:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->respawn_time = trap_AAS_Time() + 1 + random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1083:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1218:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1329:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( random() < bs->thinktime * 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1406:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1420:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else if ( random() < bs->thinktime * 0.8 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1501:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < 0.2 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:198:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = trap_AAS_Time() + 2 * random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:200:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:934:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. } else { bs->teamgoal_time = 120 + 180 * camper + random() * 15;} data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:973:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. if ( random() > camper ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1055:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r1 = random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1058:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r2 = random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1062:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bestorg[0] += sign * 700 * random() + 50; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1066:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r2 = random(); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1070:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bestorg[1] += sign * 700 * random() + 50; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1073:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bestorg[2] += 3 * 48 * random() - 2 * 48 - 1; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1154:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( random() < jumper ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1158:60: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if ( bs->attackcrouch_time < trap_AAS_Time() - 1 && random() < croucher ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1206:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > 0.935 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1225:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > 0.9 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1610:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > 0.1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1848:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() > firethrottle ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2474:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorSet( angles, 0, 360 * random(), 0 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2537:64: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( m.type == CMS_CHAT && m.time > trap_AAS_Time() - ( 1 + random() ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2592:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < 1.5 / ( NumBots() + 1 ) && random() < chat_reply ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2592:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < 1.5 / ( NumBots() + 1 ) && random() < chat_reply ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1170:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand( (unsigned)time( NULL ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:525:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->askteamleader_time = trap_AAS_Time() + 5 + random() * 10; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:527:55: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->becometeamleader_time = trap_AAS_Time() + 5 + random() * 10; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:535:55: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
bs->becometeamleader_time = trap_AAS_Time() + 15 + random() * 10; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:701:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. void srand( unsigned seed ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:82:6: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. void srand( unsigned seed ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_active.c:914:63: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. muzzlebounce[PITCH] -= 0.25*client->sniperRifleMuzzlePitch*random() * ( 1.0f - ( level.time - client->sniperRifleFiredTime ) / RIFLE_SHAKE_TIME ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:229:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. num = random() * ( num - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_combat.c:464:23: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. launchvel[2] = 10 + random() * 10; data/iortcw-1.51.c+dfsg1/SP/code/game/g_combat.c:860:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( (int)( random() + 0.5 ) ) { // choose one of two possible replacements data/iortcw-1.51.c+dfsg1/SP/code/game/g_items.c:419:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. quantity = ( random() * ( ammoTable[weapon].maxclip - 4 ) ) + 4; // giving 4-<item default count> data/iortcw-1.51.c+dfsg1/SP/code/game/g_items.c:795:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ent->random ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_items.c:796:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. respawn += crandom() * ent->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_items.c:1169:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. G_SpawnFloat( "random", "0", &ent->random ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:301:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. float random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1186:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand( randomSeed ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:310:39: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:310:57: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:310:75: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorAdd( ent->r.mins, tv( -( ent->random ), -( ent->random ), -( ent->random ) ), ent->r.mins ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:311:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:311:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:311:62: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
VectorAdd( ent->r.maxs, tv( ent->random, ent->random, ent->random ), ent->r.maxs ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:797:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. deg = crandom() * ent->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:800:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. deg = crandom() * ent->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:854:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( !ent->random ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:859:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ent->random = sin( M_PI * ent->random / 180 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:993:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ent->s.angles2[0] = ent->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1005:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ent->random ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1006:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
ent->s.time2 = ent->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_missile.c:1330:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r = crandom() * self->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_missile.c:1331:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. u = crandom() * self->random; data/iortcw-1.51.c+dfsg1/SP/code/game/g_mover.c:3180:22: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. VectorScale( vec, random() * (float)self->radius, bat->movedir ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_mover.c:3220:54: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. self->nextthink = level.time + (int)( ( 1.5 + 2.0 * random() ) * ( self->wait * 1000 ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:1306:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( level.time > self->random && has_moved ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:4059:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if ( ent->random ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:4060:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rval = ent->random * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:4090:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ent->random ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:4091:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rval = ent->random * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:120:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. {"random", FOFS( random ), F_FLOAT}, data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:110:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:234:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. G_SpawnFloat( "random", "0", &ent->random ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:260:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
ent->s.clientNum = ent->random * 10; data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:697:84: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. trap_SetConfigstring( CS_FOGVARS, va( "%f %f %f %f %f %f %i", ent->accuracy, ent->random, 1.0f, (float)ent->dl_color[0], (float)ent->dl_color[1], (float)ent->dl_color[2], ent->s.time ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:1098:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( !( self->random ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:63:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:184:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. G_SpawnFloat( "random", "0", &ent->random ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:186:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( ent->random >= ent->wait && ent->wait >= 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:599:73: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
self->nextthink = level.time + 1000 * ( self->wait + crandom() * self->random ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:616:38: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. G_SpawnFloat( "random", "1", &self->random ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:622:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( self->random >= self->wait ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1921:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *env = getenv(arg1); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2268:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2270:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:758:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
#define random() ( ( rand() & 0x7fff ) / ( (float)0x7fff ) ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:759:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define crandom() ( 2.0 * ( random() - 0.5 ) ) data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:744:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define random() ( ( rand() & 0x7fff ) / ( (float)0x7fff ) ) data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:745:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define crandom() ( 2.0 * ( random() - 0.5 ) ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_loadlib.h:26:37: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. # define Sys_LoadLibrary(f) (void*)LoadLibrary(f) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:73:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p1 = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:87:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if( ( p1 = getenv( "XDG_DATA_HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:92:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if( ( p2 = getenv( "HOME" ) ) != NULL) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:105:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p1 = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:133:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( ( p = getenv( "HOME" ) ) != NULL ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:798:37: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *session = getenv( "DESKTOP_SESSION" ); data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:891:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
const char* term = getenv( "TERM" ); data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:103:21: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE shfolder = LoadLibrary("shfolder.dll"); data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:904:8: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if ( !CreateProcess( NULL, va( "%s\\%s", szPathOrig, exeName ), NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi ) ) data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:904:8: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if ( !CreateProcess( NULL, va( "%s\\%s", szPathOrig, exeName ), NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi ) ) data/iortcw-1.51.c+dfsg1/MP/code/asm/snapvector.c:31:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char ssemask[16] __attribute__((aligned(16))) = data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:181:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( trace, &enttrace, sizeof( bsp_trace_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:298:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:336:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:342:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *value = atoi( buf ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:521:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( bspworld.dentdata, botimport.BSPEntityData(), bspworld.entdatasize ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_debug.c:259:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( bboxcorners[4], bboxcorners[0], sizeof( vec3_t ) * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_debug.c:685:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &reach, &( *aasworld ).reachability[settings->firstreachablearea + index], sizeof( aas_reachability_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_def.h:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_def.h:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_def.h:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *configstrings[MAX_CONFIGSTRINGS]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_entity.c:180:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( info, &( *defaultaasworld ).entities[entnum].i, sizeof( aas_entityinfo_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_file.c:414:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ( *aasworld ).bspchecksum = atoi( LibVarGetString( "sv_mapChecksum" ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:170:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( *aasworld ).configstrings[i] = (char *) GetMemory( strlen( configstrings[i] ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aasfile[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char this_mapname[MAPNAME_LEN], intstr[4]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_optimize.c:169:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( optface, face, sizeof( aas_face_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_optimize.c:203:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( optarea, area, sizeof( aas_area_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2602:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[MAX_EPAIRKEY], targetname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2603:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2621:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). AAS_BSPModelMinsMaxsOrigin( atoi( model + 1 ), angles, mins, maxs, origin ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2655:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
AAS_BSPModelMinsMaxsOrigin( atoi( model + 1 ), angles, mins, maxs, origin ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2758:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_EPAIRKEY], classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:2784:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3161:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3368:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char target[MAX_EPAIRKEY], targetname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3369:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3391:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_reach.c:3847:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c:950:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c:1110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c:1886:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( reach, &( *aasworld ).reachability[num], sizeof( aas_reachability_t ) );;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_route.c:2170:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( ( *aasworld ).areavisibility[i], buf, size );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.c:255:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.c:515:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.c:809:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( area_parents[i]->visibleParents, visibleParents, area_parents[i]->numVisibleParents * sizeof( unsigned short int ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_routetable.c:1195:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char destVisLookup[MAX_PARENTS];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:78:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:89:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_CHATTYPE_NAME];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:185:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32]; //name of the bot
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:186:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chatmessage[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:200:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:201:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chatname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:593:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( str, replacement, strlen( replacement ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:888:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( str1, replacement, strlen( replacement ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:937:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( &ptr[strlen( ptr )], "%cv%ld%c", ESCAPE_CHAR, token.intvalue, ESCAPE_CHAR );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1546:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1763:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chatmessagestring[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1764:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuffer[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1944:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chatmessagestring[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2184:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2298:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srcmessage[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2603:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &bestmatch, &match, sizeof( bot_match_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.h:55:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAX_MESSAGE_SIZE]; //message
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.h:68:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_gen.c:123:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( rankings, ranks, sizeof( float ) * numranks );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:72:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_EPAIRKEY];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:81:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_EPAIRKEY];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:128:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char classname[32]; //classname of the item
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_STRINGFIELD]; //name of the item
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:130:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_STRINGFIELD]; //model of the item
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:274:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:473:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char classname[MAX_EPAIRKEY];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:533:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char classname[MAX_EPAIRKEY];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:676:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:1007:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:1038:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &gs->goalstack[gs->goalstacktop], goal, sizeof( bot_goal_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:1088:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( goal, &gs->goalstack[gs->goalstacktop], sizeof( bot_goal_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:1107:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( goal, &gs->goalstack[gs->goalstacktop - 1], sizeof( bot_goal_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_move.c:534:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_move.c:547:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelnum = atoi( model + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.c:203:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.c:252:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &wc->weaponinfo[weaponinfo.number], &weaponinfo, sizeof( weaponinfo_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.c:299:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &wc->weaponinfo[i].proj, &wc->projectileinfo[j], sizeof( projectileinfo_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.c:398:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( weaponinfo, &weaponconfig->weaponinfo[weapon], sizeof( weaponinfo_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h:50:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_STRINGFIELD];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h:51:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_STRINGFIELD];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h:70:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_STRINGFIELD];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h:71:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_STRINGFIELD];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weap.h:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char projectile[MAX_STRINGFIELD];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:582:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( filename, "wb" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.h:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ea.c:401:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( input, bi, sizeof( bot_input_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ea.c:426:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( bi, init, sizeof( bot_input_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/botai.h:68:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/botlib.h:139:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c:53:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_LOGFILENAMESIZE];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c:78:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logfile.fp = fopen(ospath, "wb");
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:102:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_TOKENLENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:144:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:167:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:289:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( t, token, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:345:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( token, source->tokens, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:678:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  define->name = (char *) GetMemory(strlen(builtin[i].string) + 1);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:708:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( token->string, "%d", deftoken->line );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:959:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2434:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( token.string, "%ld", labs( value ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2460:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( token.string, "%1.2f", fabs( value ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2540:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( token.string, "%ld", labs( value ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2570:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( token.string, "%1.2f", fabs( value ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2756:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &source->token, token, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2788:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[MAX_TOKEN];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2798:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "string" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2801:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "literal" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2804:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "number" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2807:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "name" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2810:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "punctuation" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2819:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "decimal" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2822:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "hex" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2825:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "octal" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2828:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "binary" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2831:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( str, " long" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2834:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( str, " unsigned" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2837:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( str, " float" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2840:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( str, " integer" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2905:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( token, &tok, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.h:95:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH]; //file name of the script
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.h:96:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char includepath[MAX_QPATH]; //path to include files
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:165:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char basefolder[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:233:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:260:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:844:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &script->token, token, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:858:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( token, &script->token, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:920:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &script->token, token, sizeof( token_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:951:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[MAX_TOKEN];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:961:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "string" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:964:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "literal" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:967:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "number" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:970:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( str, "name" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:973:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy( str, "punctuation" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:982:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "decimal" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:985:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "hex" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:988:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "octal" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:991:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "binary" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:994:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " long" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:997:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat( str, " unsigned" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1000:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " float" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1003:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " integer" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1073:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( token, &tok, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &script->token, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1349:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen( filename, "rb" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.h:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKEN]; //available token data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.h:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; //file name of the script data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.c:228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( (char *)p )[MAX_STRINGFIELD - 1] = '\0'; data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.c:363:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[4]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:52:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trap_SendClientCommand( va( "gc %i %i", targetNum, atoi( test ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:216:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char message[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:347:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:380:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:384:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:397:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teamStr[80], classStr[80], weapStr[80]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:408:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatCmd[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:429:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatCmd[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:450:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crosshair[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:453:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.newCrosshairIndex = atoi( crosshair ) + 1; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:465:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char locfilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:466:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locname[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systemChat[256]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat1[256]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:47:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat2[256]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:165:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char num[16], *ptr; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:275:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[16], *ptr; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:658:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[16]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:661:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classType[2] = { 0, 0 }; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:993:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pickupText[256]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:1048:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:1469:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:1891:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rendererinfos[128]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2381:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[32], str2[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2495:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2503:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( cg.snap->ps.persistant[PERS_TEAM] == TEAM_SPECTATOR && atoi( buf ) == 0 && latch == 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2534:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( atoi( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2550:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2565:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2657:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char deploytime[128]; // JPW NERVE data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2777:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). defender = atoi( Info_ValueForKey( cs, "defender" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3194:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamstr[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3331:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( teamstr, "axis_desc" ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3333:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( teamstr, "allied_desc" ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3339:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( buf && atoi( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3340:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( buf ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3375:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = atoi( Info_ValueForKey( s, "status" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_drawtools.c:1408:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char staticbuf[2][MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:613:63: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int CG_GetOriginForTag( centity_t *cent, refEntity_t *parent, char *tagName, int startIndex, vec3_t org, vec3_t axis[3] ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_effects.c:1267:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:439:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:1305:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:1609:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:1820:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:2145:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) == s1->number ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:2150:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pi = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:49:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char str[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char targetName[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attackerName[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:252:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( attackerName, "noname" ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1379:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempStr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_flamethrower.c:1177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_flamethrower.c:1206:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char personality[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:165:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char string[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:194:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  vars[v++] = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:234:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hunkBuf[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_info.c:249:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  expectedHunk = atoi( hunkBuf );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:267:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc.
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:268:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_QPATH]; // lower.md3, belt1.md3, etc.
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:329:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dl_stylestring[64];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:535:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:560:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:561:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skinName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:562:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hSkinName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:598:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char headModelName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:800:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infoScreenText[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:812:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char killerName[MAX_NAME_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:813:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spectatorList[MAX_STRING_CHARS]; // list of names
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:831:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char centerPrint[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:932:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testModelName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:955:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char oidPrint[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:977:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *spawnVars[MAX_SPAWN_VARS][2]; // key / value pairs
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:979:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spawnVarChars[MAX_SPAWN_VARS_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:982:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char twoMinuteSound_g[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:983:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char twoMinuteSound_a[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:984:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char thirtySecondSound_g[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:985:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char thirtySecondSound_a[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1515:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1516:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redTeam[MAX_QPATH]; // A team
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1517:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blueTeam[MAX_QPATH]; // B team
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1523:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char voteString[MAX_STRING_TOKENS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1529:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamVoteString[2][MAX_STRING_TOKENS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1548:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamChatMsgs[TEAMCHAT_HEIGHT][TEAMCHAT_WIDTH * 3 + 1];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1554:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char notifyMsgs[NOTIFY_HEIGHT][NOTIFY_WIDTH * 3 + 1];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1884:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char systemChat[256];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1885:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char teamChat1[256];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:1886:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char teamChat2[256];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_local.h:2130:65: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int CG_GetOriginForTag( centity_t * cent, refEntity_t * parent, char *tagName, int startIndex, vec3_t org, vec3_t axis[3] );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_localents.c:578:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &( nle->leType ), &( le->leType ), sizeof( localEntity_t ) - 2 * sizeof( localEntity_t * ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:500:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char var[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:511:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.localServer = atoi( var );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:586:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:592:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:611:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:622:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:633:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:648:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:674:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  entnum = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:681:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cent->dl_frame = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:688:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cent->dl_sound = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:691:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cent->dl_atten = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:723:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:751:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( data, start, len );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:773:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char items[MAX_ITEMS + 1];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:774:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1040:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1043:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char items[MAX_ITEMS + 1];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1044:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *sb_nums[11] = {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1434:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1446:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[10];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1555:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parm1[MAX_QPATH], parm2[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1571:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[MAX_MENUFILE];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1826:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[MAX_MENUDEFFILE];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:2051:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[128];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:2111:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:2296:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.levelStartTime = atoi( s );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_marks.c:261:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( mark->verts, verts, mf->numPoints * sizeof( verts[0] ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:197:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:796:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:815:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:949:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:1148:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:1160:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:1298:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:1394:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:102:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *shaderAnimNames[MAX_SHADER_ANIMS] = {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:1527:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  type = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:1561:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numparticles = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:1564:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  turb = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_particles.c:1567:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snum = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char text[100000];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:43:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cg_customSoundNames[MAX_CUSTOM_SOUNDS] = {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:189:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *tags[2] = {"tag_footleft", "tag_footright"};
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:265:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:334:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:363:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:387:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:388:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:443:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelsUsed[MAX_ANIMSCRIPT_MODELS];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:499:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:500:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:551:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scaleString[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:632:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:633:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:675:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  val = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:706:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:969:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.botSkill = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:973:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.handicap = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:977:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.wins = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:981:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.losses = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:985:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.team = atoi( v );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:992:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelStr[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:1010:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelStr[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:2483:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[8][64];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:2774:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( legs.torsoAxis, torso.axis, sizeof( torso.axis ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:3049:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( or->axis, tempAxis, sizeof( vec3_t ) * 3 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_players.c:3102:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( or->axis, tempAxis, sizeof( vec3_t ) * 3 );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:41:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:186:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamstr[32];
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:241:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( buf ) == -1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:242:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if ( atoi( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:332:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( teamstr, "short_axis_desc" );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:334:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( teamstr, "short_allied_desc" );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:340:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( buf && atoi( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:341:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi( buf );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:358:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  status = atoi( Info_ValueForKey( s, "status" ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:502:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  defender = atoi( Info_ValueForKey( s, "defender" ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:505:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  winner = atoi( Info_ValueForKey( s, "winner" ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:49:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cg.numScores = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:54:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.teamScores[0] = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:55:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.teamScores[1] = atoi( CG_Argv( 3 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:60:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].client = atoi( CG_Argv( i * 8 + 4 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:61:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].score = atoi( CG_Argv( i * 8 + 5 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:62:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].ping = atoi( CG_Argv( i * 8 + 6 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:63:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].time = atoi( CG_Argv( i * 8 + 7 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:64:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].scoreFlags = atoi( CG_Argv( i * 8 + 8 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:65:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). powerups = atoi( CG_Argv( i * 8 + 9 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:66:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cg.scores[i].playerClass = atoi( CG_Argv( i * 8 + 10 ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:67:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.scores[i].respawnsLeft = atoi( CG_Argv( i * 8 + 11 ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:105:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.identifyClientNum = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:106:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.identifyClientHealth = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:109:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numSortedTeamPlayers = atoi( CG_Argv( 3 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:118:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client = atoi( CG_Argv( i * 5 + 4 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:127:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].location = atoi( CG_Argv( i * 5 + 5 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:128:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].health = atoi( CG_Argv( i * 5 + 6 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:129:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].powerups = atoi( CG_Argv( i * 5 + 7 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:131:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cg_entities[ client ].currentState.teamNum = atoi( CG_Argv( i * 5 + 8 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:149:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.gametype = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:150:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.antilag = atoi( Info_ValueForKey( info, "g_antilag" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:160:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.maxclients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:171:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg_redlimbotime.integer = atoi( Info_ValueForKey( info, "g_redlimbotime" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:172:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg_bluelimbotime.integer = atoi( Info_ValueForKey( info, "g_bluelimbotime" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:175:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.minclients = atoi( Info_ValueForKey( info, "g_minGameClients" ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:193:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.currentRound = atoi( Info_ValueForKey( info, "g_currentRound" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:195:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.gamestate = atoi( Info_ValueForKey( info, "gamestate" ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:212:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
warmup = atoi( info ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:237:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.fadeStartTime = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:239:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.fadeDuration = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:270:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). token = COM_Parse( (char **)&info ); time = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:292:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( CG_ConfigString( CS_SCORES1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:293:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores2 = atoi( CG_ConfigString( CS_SCORES2 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:294:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( CG_ConfigString( CS_LEVEL_START_TIME ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:305:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.warmup = atoi( CG_ConfigString( CS_WARMUP ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char originalShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:315:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char newShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:316:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeOffset[16]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:358:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:377:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:379:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores2 = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:381:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.levelStartTime = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:383:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteTime = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:386:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteYes = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:389:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteNo = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:396:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteTime[num - CS_TEAMVOTE_TIME] = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:399:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.teamVoteYes[num - CS_TEAMVOTE_YES] = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:402:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteNo[num - CS_TEAMVOTE_NO] = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:409:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.intermissionStarted = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:609:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[10000]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:798:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char id[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:801:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chats[MAX_VOICESOUNDS][MAX_CHATSIZE]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:807:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:815:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headmodel[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:831:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_VOICEFILESIZE]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:962:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_VOICEFILESIZE]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1029:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128], *headModelName; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1213:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &voiceChatBuffer[0],vchat,sizeof( bufferedVoiceChat_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1301:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). voiceOnly = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1302:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
clientNum = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1303:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). color = atoi( CG_Argv( 3 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1306:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). origin[0] = atoi( CG_Argv( 5 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1307:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). origin[1] = atoi( CG_Argv( 6 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1308:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). origin[2] = atoi( CG_Argv( 7 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1354:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1355:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1413:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1454:90: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). CG_PriorityCenterPrint( s, SCREEN_HEIGHT - ( SCREEN_HEIGHT * 0.25 ), SMALLCHAR_WIDTH, atoi( CG_Argv( 2 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1494:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( CG_Argv( 2 ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1517:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( atoi( CG_Argv( 2 ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1573:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.complaintClient = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1602:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1603:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1604:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c:152:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->currentState, state, sizeof( entityState_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c:173:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char prevmap[64] = { 0 }; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c:174:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curmap[64]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_snapshot.c:277:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->nextState, es, sizeof( entityState_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:372:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char soundFiles[MAX_SOUND_FILES][MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_BUFFER]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_sound.c:375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c:71:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *out = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c:148:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, string, l + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_trails.c:701:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. mid.modulate[l] = ( unsigned char )( mod[l] / 4.0 ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:389:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:1377:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) ) { // this camera has fog data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:1401:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fogStart = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:1408:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fogEnd = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[20000]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:988:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:994:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:1012:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].loopFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:1029:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:1035:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) ) { data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:1043:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].moveSpeed |= ( ( atoi( token ) ) << 8 ); // use 2nd byte for draw bits data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:1068:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH], comppath[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4029:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bank = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_weapons.c:4091:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_avi.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:230:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). index = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:269:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cl.gameState.stringData + cl.gameState.dataCount, dup, len + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:291:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bigConfigString[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:927:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outstr[256]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:952:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) == memusage ) { // if it is the same, abort this process data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:342:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 32); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:361:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 16); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:380:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 32); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:413:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 8); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:414:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dst+spl, src+8, 8); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cin.c:1452:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:353:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tbuf, con.text, CON_TEXTSIZE * sizeof( short ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:663:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:669:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_input.c:79:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = atoi( c ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_input.c:103:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b->downtime = atoi( c ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_input.c:116:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = atoi( c ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_input.c:139:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uptime = atoi( c ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( str, edit->buffer + prestep, drawLen ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1578:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_EDIT_LINE-1]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1712:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1827:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tinystr[5]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1984:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2157:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[ MAX_STRING_CHARS ], *p = buf, *end; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2495:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2529:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). historyEditLines[ i ].cursor = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2534:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). historyEditLines[ i ].scroll = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2539:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
numChars = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:161:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_reconnectArgs[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:162:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_oldGame[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:189:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char autoupdateFilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:258:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:275:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:312:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int id = atoi(Cmd_Argv(2)); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:582:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (encio == NULL) encio = fopen("voip-outgoing-encoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:585:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (decio == NULL) decio = fopen("voip-outgoing-decoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:727:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char demoName[MAX_QPATH]; // compiler bug workaround data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:729:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:900:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAX_STRING_CHARS ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1083:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demoExt[ 16 ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1099:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char retry[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1124:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). protocol = atoi(ext_test + ARRAY_LEN(DEMOEXT)); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1620:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1688:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nums[64]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char server[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1932:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[MAX_RCON_MESSAGE]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1980:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMsg[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missingfiles[1024]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2463:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2464:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[MAX_INFO_STRING + 10]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2780:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi(c); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2785:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ver = atoi(strver); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2838:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clc.challenge = atoi(Cmd_Argv(1)); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2840:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clc.onlyVisibleClients = atoi( Cmd_Argv( 2 ) ); // DHM - Nerve data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2877:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi(c); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3178:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3179:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverName[ MAX_OSPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char groupStr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3295:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemStr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3354:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cacheIndex = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3364:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3409:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3555:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dllName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3670:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3692:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[512]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3722:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[ MAX_OSPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3790:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[ QKEY_SIZE ]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4208:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->clients = atoi( Info_ValueForKey( info, "clients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4211:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->maxClients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4213:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->gameType = atoi( Info_ValueForKey( info, "gametype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4214:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->netType = atoi( Info_ValueForKey( info, "nettype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4215:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->minPing = atoi( Info_ValueForKey( info, "minping" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4216:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->maxPing = atoi( Info_ValueForKey( info, "maxping" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4217:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->allowAnonymous = atoi( Info_ValueForKey( info, "sv_allowAnonymous" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4218:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
server->friendlyFire = atoi( Info_ValueForKey( info, "friendlyFire" ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4219:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->maxlives = atoi( Info_ValueForKey( info, "maxlives" ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4220:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->tourney = atoi( Info_ValueForKey( info, "tourney" ) ); // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4221:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->punkbuster = atoi( Info_ValueForKey( info, "punkbuster" ) ); // DHM - Nerve data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4223:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->antilag = atoi( Info_ValueForKey( info, "g_antilag" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4224:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->g_humanplayers = atoi( Info_ValueForKey( info, "g_humanplayers" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4225:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->g_needpass = atoi( Info_ValueForKey( info, "g_needpass" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4287:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prot = atoi( Info_ValueForKey( infoString, "protocol" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4475:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4619:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[1024], *masteraddress; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4621:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((count = Cmd_Argc()) < 3 || (masterNum = atoi(Cmd_Argv(1))) < 0 || masterNum > MAX_MASTER_SERVERS) data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4632:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(command, "sv_master%d", i); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4650:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(command, "sv_master%d", masterNum); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4893:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &pingptr->adr, &to, sizeof( netadr_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4909:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4964:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cl_pinglist[j].adr, &server[i].adr, sizeof( netadr_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5096:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chs[3]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5214:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char original[MAX_TRANS_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char translated[MAX_LANGUAGES][MAX_TRANS_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5229:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static trans_t* AllocTrans( char *original, char *translated[MAX_LANGUAGES] ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5229:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static trans_t* AllocTrans( char *original, char *translated[MAX_LANGUAGES] ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5274:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static trans_t* LookupTrans( char *original, char *translated[MAX_LANGUAGES], qboolean isLoading ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5274:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static trans_t* LookupTrans( char *original, char *translated[MAX_LANGUAGES], qboolean isLoading ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5422:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format_org[128], format_trans[128]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5475:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char translated[MAX_LANGUAGES][MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5476:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char original[MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5655:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5682:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5711:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( buf, "(null)" ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5801:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:33:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *svc_strings[256] = { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:478:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:479:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:483:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl.serverId = atoi( Info_ValueForKey( systemInfo, "sv_serverid" ) ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:505:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl_connectedToCheatServer = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:581:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
clc.sv_allowDownload = atoi(Info_ValueForKey(serverInfo, data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:600:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldGame[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:637:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cl.gameState.stringData + cl.gameState.dataCount, s, len + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:698:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[MAX_MSGLEN]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:839:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char encoded[4000]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:933:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (encio == NULL) encio = fopen("voip-incoming-encoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:936:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (decio == NULL) decio = fopen("voip-incoming-decoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:361:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[11]; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_ui.c:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; // extracted from CS_SERVERINFO data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char limboChatMsgs[LIMBOCHAT_HEIGHT][LIMBOCHAT_WIDTH * 3 + 1]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char translationVersion[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:198:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char servername[MAX_OSPATH]; // name of server from original connect (used by reconnect) data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverMessage[MAX_STRING_TOKENS]; // for display on connection dialog data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:212:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reliableCommands[MAX_RELIABLE_COMMANDS][MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverCommands[MAX_RELIABLE_COMMANDS][MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:229:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadTempName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char downloadName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadURL[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sv_dlURL[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadList[MAX_INFO_STRING]; // list of paks we need to download data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demoName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:266:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  unsigned char timeDemoDurations[ MAX_TIMEDEMO_DURATIONS ]; // log of frame durations
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:321:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:326:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostName[MAX_NAME_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:327:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapName[MAX_NAME_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:328:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char game[MAX_NAME_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:343:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gameName[MAX_NAME_LENGTH]; // Arnout
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:382:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char updateChallenge[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:383:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char updateInfoString[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:390:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char autoupdateServerNames[MAX_AUTOUPDATE_SERVERS][MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/client.h:403:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char cl_oldGame[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:56:2: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t name[256];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:61:2: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t identity[256];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:63:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char context[256];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:64:2: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t description[2048];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:98:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[256];
data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:159:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lm->context, context, len);
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c:42:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localName[ MAX_QPATH ];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c:44:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char altName[ MAX_QPATH ];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c:62:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  rtn = codec->open(localName);
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c:99:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  rtn = codec->open(altName);
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.h:63:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CODEC_OPEN open;
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec_wav.c:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[5];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec_wav.c:133:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dump[16];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:41:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s_backgroundLoop[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:184:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[4][16];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:185:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mem[2][16];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:187:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type[0], "16bit");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:188:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(type[1], "adpcm");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:189:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type[2], "daub4");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:190:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type[3], "mulaw");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:191:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(mem[0], "paged out");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:192:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(mem[1], "resident ");
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:1275:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  rawsamples[dst].left = ((char *)data)[src*2] * intVolumeLeft;
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:1276:30: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  rawsamples[dst].right = ((char *)data)[src*2+1] * intVolumeRight;
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_local.h:60:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char soundName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_local.h:216:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char loop[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:133:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:2001:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s_backgroundLoop[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:2658:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devicenames[16384] = "";
data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:2777:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inputdevicenames[16384] = "";
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:117:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[2048];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:232:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:417:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( client->ps.weapons, weaponInfo->startingWeapons, sizeof( weaponInfo->startingWeapons ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:699:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char loading[4];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:717:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:718:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !reloading && atoi( loading ) == 2 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c:49:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *aifuncs[MAX_AIFUNCS];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c:176:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_fight.c:260:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( enemies, sortedEnemies, sizeof( int ) * enemyCount );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:246:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int1 = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:248:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int2 = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:250:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  eInt = atoi( event->params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:306:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:358:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char params[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:534:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( cs->castScriptEvents, cast_temp_events, sizeof( cast_script_event_t ) * numEventItems );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:456:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  duration = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:653:57: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->castScriptStatus.scriptNoAttackTime = level.time + atoi( params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:699:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *pString, *token, tokens[3][MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:759:62: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  endtime = cs->castScriptStatus.castScriptStackChangeTime + atoi( tokens[1] );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:884:49: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Add_Ammo( &g_entities[cs->entityNum], weapon, atoi( token ), qtrue );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:940:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int spillover = atoi( token ) - ammoTable[weapon].maxclip;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:948:60: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  g_entities[cs->entityNum].client->ps.ammoclip[weapon] = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1417:62: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return ( ( cs->castScriptStatus.castScriptStackChangeTime + atoi( token ) ) < level.time );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1465:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *pString, *token, lastToken[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1475:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bufferIndex = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1492:41: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->scriptAccumBuffer[bufferIndex] += atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1497:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( cs->scriptAccumBuffer[bufferIndex] < atoi( token ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1505:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( cs->scriptAccumBuffer[bufferIndex] > atoi( token ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1513:46: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( cs->scriptAccumBuffer[bufferIndex] != atoi( token ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1521:46: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( cs->scriptAccumBuffer[bufferIndex] == atoi( token ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1529:48: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->scriptAccumBuffer[bufferIndex] |= ( 1 << atoi( token ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1534:49: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->scriptAccumBuffer[bufferIndex] &= ~( 1 << atoi( token ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1539:52: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( cs->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1547:55: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !( cs->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1555:40: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->scriptAccumBuffer[bufferIndex] = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1560:49: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->scriptAccumBuffer[bufferIndex] = rand() % atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1670:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  player->missionLevel = atoi( params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:1885:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *pch, *newstr, cmd[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:2007:56: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cs->castScriptStatus.scriptNoSightTime = level.time + atoi( params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:2352:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  g_entities[cs->entityNum].health = atoi( params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:2353:60: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  g_entities[cs->entityNum].client->ps.stats[STAT_HEALTH] = atoi( params );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script_actions.c:2389:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cvarName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_think.c:1094:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( move->touchents, pm.touchents, sizeof( pm.touchents ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_think.c:1146:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &ucmd, &cs->bs->lastucmd, sizeof( usercmd_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:69:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:79:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:95:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:106:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:135:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:154:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:166:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:187:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:199:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:219:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:221:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:236:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:267:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char mapname[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:414:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:556:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:579:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( name, "[world]" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:660:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:723:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:766:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:821:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:886:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:939:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:1030:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:177:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &cp->goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestring[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyarea[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addressedto[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:376:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botname[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:473:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teammate[MAX_MESSAGE_SIZE], netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:474:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:589:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:629:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:664:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:665:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:865:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:934:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:993:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1076:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1077:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char goalname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[64]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1245:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &tmpgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1324:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE], teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char enemy[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1432:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag[128], netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:65:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeswitch[MAX_NODESWITCHES + 1][144]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:291:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:316:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:364:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:463:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:490:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:540:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:570:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:637:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( buf, " to " ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:677:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->curpatrolpoint->goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:761:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:818:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->lead_teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[144]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:1263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[144]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skin[128], *p; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:208:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bs->teamgoal, &ctf_redflag, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:209:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
} else { memcpy( &bs->teamgoal, &ctf_blueflag, sizeof( bot_goal_t ) );} data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:287:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:348:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128] = {0}; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:556:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:561:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:931:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bs->teamgoal, goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:996:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bestgoal, &goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1938:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1939:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char model[MAX_INFO_STRING], tmpmodel[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[128], classname[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char targetname[10][128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[128], model[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2248:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2315:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelindex = atoi( model + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2531:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char botname[MAX_NETNAME], message[MAX_MESSAGE_SIZE], netname[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2629:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2771:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gender[144], name[144];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2772:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2863:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[128];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2892:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelnum = atoi( model + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:78:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[2048];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:155:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( state, &ent->client->ps, sizeof( playerState_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:178:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( state, &ent->s, sizeof( entityState_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:210:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vars[MAX_MATCHVARIABLES];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:532:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], *args;
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:627:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[144], name[144], gender[144];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:657:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &bs->settings, settings, sizeof( bot_settings_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:781:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &settings, &bs->settings, sizeof( bot_settings_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:782:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &ps, &bs->cur_ps, sizeof( playerState_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:802:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &bs->cur_ps, &ps, sizeof( playerState_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:803:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &bs->settings, &settings, sizeof( bot_settings_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1050:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[144];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1131:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( buf, "20" );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.h:87:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.h:198:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamleader[MAX_NETNAME]; //netname of the team leader
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.h:208:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subteam[32]; //sub team name
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:79:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:89:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:145:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:183:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamchat[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:184:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_MESSAGE_SIZE];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:185:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:207:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NETNAME], carriername[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:290:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:354:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NETNAME], carriername[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:439:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:514:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netname[MAX_NETNAME];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:65:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char defineStrings[10000]; // stores the actual strings
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:309:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:583:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animModelInfo->version = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:635:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].firstFrame = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:654:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].numFrames = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:661:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].loopFrames = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:681:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].moveSpeed = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:688:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].animBlend = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:738:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  skip = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:741:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  headAnims[i].firstFrame = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:749:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  headAnims[i].numFrames = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:776:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void BG_ParseConditionBits( char **text_pp, animStringItem_t *stringTable, int condIndex, int result[RESULT_SIZE] ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:780:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char currentString[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1009:41: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  command->animDuration[partIndex] = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1182:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &defineStr[ANIM_COND_ENEMY_WEAPON][0], &defineStr[ANIM_COND_WEAPON][0], sizeof( animStringItem_t ) * MAX_ANIM_DEFINES );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:321:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) dest)[i] = ((char *) src)[i];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:321:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) dest)[i] = ((char *) src)[i];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:327:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) dest)[i] = ((char *) src)[i];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:327:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) dest)[i] = ((char *) src)[i];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:343:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)dest)[count] = c;
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:348:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  void *memcpy( void *dest, const void *src, size_t count ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:350:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)dest)[count] = ((char *)src)[count];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:350:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)dest)[count] = ((char *)src)[count];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:1164:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int atoi( const char *string ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:1823:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char convert[24];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:1940:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char iconvert[20];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:1941:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fconvert[20];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:101:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int atoi( const char *string );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:112:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  void *memcpy( void *dest, const void *src, size_t count );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_misc.c:3863:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_public.h:1034:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_public.h:1218:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *world_model[MAX_ITEM_MODELS];
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_public.h:1595:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelname[MAX_QPATH]; // name of the model
data/iortcw-1.51.c+dfsg1/MP/code/game/g_antilag.c:175:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_CVAR_VALUE_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_antilag.c:180:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  period = atoi(buffer);
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char g_botInfos[MAX_BOTS][MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:40:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char g_arenaInfos[MAX_ARENAS][MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:76:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_ARENAS_TEXT];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:134:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:416:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:477:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:482:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  settings.skill = atoi( Info_ValueForKey( userinfo, "skill" ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:513:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:648:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:649:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:650:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char team[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:669:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  skill = Com_Clamp( 1, 5, atoi( string ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:680:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  delay = atoi( string );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:705:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bots[MAX_INFO_VALUE];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_bot.c:762:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_BOTS_TEXT];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1183:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelsUsed[MAX_ANIMSCRIPT_MODELS];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1234:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char text[100000]; // <- was causing callstacks >64k
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1237:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1311:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_QPATH], modelname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1314:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char head[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1316:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char oldname[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1319:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1330:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( userinfo, "\\name\\badinfo" ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1337:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1345:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1353:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( atoi( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1380:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->pers.maxHealth = atoi( Info_ValueForKey( userinfo, "handicap" ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1518:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:1736:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_client.c:2202:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). anim->moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char entry[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1000]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:154:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( line + len, arg, tlen ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cleanName[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:207:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:257:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). amount = atoi( amt ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:716:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.latchPlayerType = atoi( ptype ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:717:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.latchPlayerWeapon = atoi( weap ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:718:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.latchPlayerItem = atoi( grenade ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:719:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.latchPlayerSkin = atoi( skinnum ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:770:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:771:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptype[4], weap[4], pistol[4], grenade[4], skinnum[4]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:821:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1002:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1004:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1005:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[64]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1267:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). targetNum = atoi( arg ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1383:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1391:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi( arg ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1448:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1449:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg2[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1537:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( arg2 ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1557:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1567:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1600:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cleanName[64]; // JPW NERVE data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1655:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1774:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1844:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2379:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2387:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entnum = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2390:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). enemynum = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2393:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2478:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clent->client->sess.spawnObjectiveIndex = atoi( arg ); // JPW NERVE data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:2490:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_items.c:1214:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_ITEMS + 1]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:486:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:671:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:672:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteDisplayString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:681:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teamVoteString[2][MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:690:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *spawnVars[MAX_SPAWN_VARS][2]; // key / value pairs data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:692:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spawnVarChars[MAX_SPAWN_VARS_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:1055:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char characterfile[MAX_FILEPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_local.h:1242:62: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:378:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:389:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:404:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:962:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1098:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1158:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1310:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1718:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; // DHM - Nerve data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1740:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). winner = atoi( buf ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1829:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nextmap[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1830:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char d1[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1893:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1976:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1980:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). defender = atoi( Info_ValueForKey( cs, "defender" ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1983:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). winner = atoi( Info_ValueForKey( cs, "winner" ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:2113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:2121:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). a = atoi( buf ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:2151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:2152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[5]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:2495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str2[20]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_mem.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[POOLSIZE]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:1030:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:2075:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:2549:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_missile.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[64]; //DAJ data/iortcw-1.51.c+dfsg1/MP/code/game/g_mover.c:4230:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_mover.c:4269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:3275:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->s.frame = atoi( startonframe ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_props.c:3287:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->props_frame_state = atoi( loop ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:176:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int1 = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:178:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int2 = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:180:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). eInt = atoi( event->params ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char params[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:456:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ent->scriptEvents, g_temp_events, sizeof( g_script_event_t ) * numEventItems ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:471:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &scriptStatusBackup, &ent->scriptStatus, sizeof( g_script_status_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:482:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ent->scriptStatus, &scriptStatusBackup, sizeof( g_script_status_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:263:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, name[MAX_QPATH], trigger[MAX_QPATH], *token; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:329:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sound[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, *token, tokens[2][MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:384:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startframe = atoi( tokens[0] ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:385:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). endframe = atoi( tokens[1] ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:410:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). endtime = ent->scriptStatus.scriptStackChangeTime + atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:421:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rate = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:516:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, *token, lastToken[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:526:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bufferIndex = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:543:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] += atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:548:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] < atoi( token ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:556:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] > atoi( token ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:564:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] != atoi( token ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:572:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( ent->scriptAccumBuffer[bufferIndex] == atoi( token ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:580:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] |= ( 1 << atoi( token ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:585:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] &= ~( 1 << atoi( token ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:590:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:598:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !( ent->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:606:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:611:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] = rand() % atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:659:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). player->missionLevel = atoi( params ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:715:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). angles[i] = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:725:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
duration = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:965:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:989:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1068:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1078:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1114:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1160:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1194:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1204:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1250:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1284:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1294:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1343:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1385:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1395:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1428:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:1441:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_session.c:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_session.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_session.c:225:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gt = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:71:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *out = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:802:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *( int * )( b + f->ofs ) = atoi( value ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:897:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, string, l + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:915:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:916:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:997:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). g_entities[ENTITYNUM_WORLD].spawnflags = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char compare[33]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:130:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b[i] = atoi( num ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:154:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iplist_final[MAX_CVAR_VALUE_STRING] = {0}; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:155:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[64] = {0}; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:298:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:322:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:343:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:473:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:512:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_syscalls.c:178:59: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open ) { data/iortcw-1.51.c+dfsg1/MP/code/game/g_syscalls.c:179:44: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). syscall( G_ADJUST_AREA_PORTAL_STATE, ent, open ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:1111:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->start_size = atoi( rampup ) * 1000; data/iortcw-1.51.c+dfsg1/MP/code/game/g_target.c:1117:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->end_size = atoi( rampdown ) * 1000; data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msg[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:809:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; // NERVE - SMF data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:819:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). defendingTeam = atoi( def ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:960:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:961:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1400]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numspawntargets[128]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_tramcar.c:694:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:942:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char buff[MAX_STRING_CHARS * 4]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[( MAX_QPATH * 2 ) + 5]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:337:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[8][32]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_utils.c:350:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[8][64]; data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:324:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ammo,traceEnt->client->ps.ammo,sizeof( int ) * MAX_WEAPONS ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:325:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( ammoclip,traceEnt->client->ps.ammoclip,sizeof( int ) * MAX_WEAPONS ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:326:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( weapons,traceEnt->client->ps.weapons,sizeof( int ) * ( MAX_WEAPONS / ( sizeof( int ) * 8 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:330:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( traceEnt->client->ps.ammo,ammo,sizeof( int ) * MAX_WEAPONS ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( traceEnt->client->ps.ammoclip,ammoclip,sizeof( int ) * MAX_WEAPONS ); data/iortcw-1.51.c+dfsg1/MP/code/game/g_weapon.c:332:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( traceEnt->client->ps.weapons,weapons,sizeof( int ) * ( MAX_WEAPONS / ( sizeof( int ) * 8 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/null/null_glimp.c:57:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/MP/code/null/null_glimp.c:57:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/MP/code/null/null_glimp.c:57:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/MP/code/null/null_main.c:59:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen( ospath, mode ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_load.c:113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cm.shaders, in, count * sizeof( *cm.shaders ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_load.c:463:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cm.entityString, cmod_base + l->fileofs, l->filelen ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_load.c:489:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cm.visibility, buf + VIS_HEADER, len - VIS_HEADER ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_local.h:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_patch.c:1182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pf->facets, facets, numFacets * sizeof( *pf->facets ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_patch.c:1184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pf->planes, planes, numPlanes * sizeof( *pf->planes ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.c:118:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( w->p, p, nump * sizeof( p[0] ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.c:671:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( hullPoints, ( *hull )->p, numHullPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.c:730:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( hullPoints, newHullPoints, numHullPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_polylib.c:737:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( w->p, hullPoints, numHullPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_public.h:69:70: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void CM_AdjustAreaPortalState( int area1, int area2, qboolean open ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_test.c:398:66: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void CM_AdjustAreaPortalState( int area1, int area2, qboolean open ) { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cm_test.c:407:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open ) { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:61:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cmd_wait = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cmd_text.data[cmd_text.cursize], text, l ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:134:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( cmd_text.data, text, len - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_CMD_LINE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:233:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( line, text, i ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:352:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *cmd_argv[MAX_STRING_TOKENS]; // points into cmd_tokenized data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:353:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char cmd_tokenized[BIG_INFO_STRING + MAX_STRING_TOKENS]; // will have 0 bytes inserted data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:354:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_cmd[BIG_INFO_STRING]; // the original command we received (no token processing) data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:400:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_args[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:422:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_args[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *com_argv[MAX_NUM_ARGVS + 1]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:139:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char com_errorMessage[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:259:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:429:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *com_consoleLines[MAX_CONSOLE_LINES]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:554:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:628:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:722:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_filter[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:723:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dump[32], *ptr; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2483:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_cdkey[34] = " "; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2485:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_cdkey[34] = "123456789"; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2496:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[33]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2497:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2526:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[33]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2527:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[17]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2950:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3399:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char shortestMatch[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3454:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[ TRUNCATE_LENGTH ]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:218:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s[ MAX_CVAR_VALUE_STRING ]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:320:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char clean[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:480:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
var->integer = atoi( var->string ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:660:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->integer = atoi( var->string ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:711:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[32]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:728:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[32]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:958:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:1273:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:1294:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakPathname[MAX_OSPATH]; // c:\quake3\baseq3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakFilename[MAX_OSPATH]; // c:\quake3\baseq3\pak0.pk3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakBasename[MAX_OSPATH]; // pak0 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakGamename[MAX_OSPATH]; // baseq3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAX_OSPATH]; // c:\quake3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:251:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[MAX_OSPATH]; // c:\quake3\baseq3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:252:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gamedir[MAX_OSPATH]; // baseq3 data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:263:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fs_gamedir[MAX_OSPATH]; // this will be a single file name with no separators data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_ZPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:318:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char *fs_serverPakNames[MAX_SEARCH_PATHS]; // pk3 names data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:324:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *fs_serverReferencedPakNames[MAX_SEARCH_PATHS]; // pk3 names data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:327:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastValidBase[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:328:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastValidComBaseGame[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:329:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastValidFsBaseGame[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:330:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char lastValidGame[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:525:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:526:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ospath[2][MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:552:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1127:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). protocol = atoi(ext_test + ARRAY_LEN(DEMOEXT)); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1170:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1538:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dllName[MAX_OSPATH], qvmName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1897:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2291:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename_inzip[MAX_ZPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2469:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static int FS_AddFileToList( char *name, char *list[MAX_FOUND_FILES], int nfiles ) { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2469:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static int FS_AddFileToList( char *name, char *list[MAX_FOUND_FILES], int nfiles ) { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2497:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *list[MAX_FOUND_FILES]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2505:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zpath[MAX_ZPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2756:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char descPath[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2793:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char description[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curpath[MAX_OSPATH + 1], *pakfile; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *sorted[MAX_PAKFILES]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3240:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( sorted[i],"zz",2 ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3253:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( sorted[i],"mp",2 ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3439:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[MAX_ZPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3807:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char errorText[MAX_STRING_CHARS] = ""; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3808:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missingPaks[MAX_STRING_CHARS] = ""; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3951:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errorText[MAX_STRING_CHARS] = ""; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3983:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4009:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4039:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4065:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4091:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4127:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4208:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fs_serverPaks[i] = atoi( Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4264:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
fs_serverReferencedPaks[i] = atoi( Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4507:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[ MAX_STRING_CHARS ]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4537:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teststring[ BIG_INFO_STRING ]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/json.h:300:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cValue[256]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/json.h:317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cValue[256]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/json.h:334:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cValue[256]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:25:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char in[64]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:189:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, len); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:192:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, t); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:201:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, 64); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, len); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:257:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(digest, ctx->buf, 16); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:264:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char final[33] = {""}; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/md5.c:265:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char digest[16] = {""}; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:324:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:350:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:453:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:483:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:513:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *netsrcString[2] = { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:371:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( chan->fragmentBuffer + chan->fragmentLength, data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:393:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( msg->data + 4, chan->fragmentBuffer, chan->fragmentLength ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:461:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( net_message->data, loop->msgs[i].data, loop->msgs[i].datalen ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:479:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( loop->msgs[i].data, data, length ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[MAX_MSGLEN]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:638:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base[MAX_STRING_CHARS], *search; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:689:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). a->port = BigShort((short) atoi(port)); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifname[IF_NAMESIZE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:319:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sadr, search->ai_addr, search->ai_addrlen); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:458:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s[NET_ADDRSTRMAXLEN]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:478:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s[NET_ADDRSTRMAXLEN]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:636:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char socksBuf[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:672:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &socksBuf[10], data, length ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrbuf[NET_ADDRSTRMAXLEN]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1072:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1160:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &buf[2], net_socksUsername->string, ulen ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1164:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &buf[3 + ulen], net_socksPassword->string, plen ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1264:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&localIP[numIP].addr, addr, addrlen); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1265:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&localIP[numIP].netmask, netmask, addrlen); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1296:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[256]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c:61:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char in[64]; /* input buffer */ data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c:62:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char digest[16]; /* actual digest after MD5Final call */ data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c:107:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static unsigned char PADDING[64] = { data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c:345:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[33]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:345:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:346:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_parsename[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:388:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:399:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char string[4096]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1120:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char temp_buffer[MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[MAX_VA_STRING]; // in case va is called by nested functions data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1140:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( buf, temp_buffer, len + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1214:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char value[2][BIG_INFO_VALUE]; // use two buffers so compares data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[MAX_INFO_KEY]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1315:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1372:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1452:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char newi[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:395:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define Com_Memcpy memcpy data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:848:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKENLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:1058:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:1238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stringData[MAX_GAMESTATE_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:1673:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[32]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.h:1679:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:848:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_EDIT_LINE]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qcommon.h:869:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cl_cdkey[34]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // tag name data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:129:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
    char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:148:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:169:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:208:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // tag name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:234:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:261:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:327:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:328:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:358:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[16];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:363:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char Comp[24]; // MC_COMP_BYTES is in MatComp.h, but don't want to couple
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:381:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[32];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:388:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:446:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:447:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:501:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // name of tag
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:509:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // name of bone
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:520:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:639:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/qfiles.h:684:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:97:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char text[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:226:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:227:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char symbols[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:371:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:547:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:591:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:1026:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("syscalls.log", "w" );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:108:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:179:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:257:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fd = open("code.bin", O_TRUNC|O_WRONLY|O_CREAT, 0644);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:263:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(vm->codeBase+vm->codeLength, &isn, 4);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:668:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char b[4];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:677:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(arg.b, &code[pc], 4);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_armv7l.c:1184:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_interpreted.c:26:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_interpreted.c:139:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&word, addr, 4);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_local.h:138:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char symName[1]; // variable sized
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_local.h:152:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c:196:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c:486:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( &(di_now->code[0]), is, iBytes );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c:1839:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( codeNow, &(di_now->code[0]), di_now->length * sizeof( ppc_instruction_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c:2034:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char b[4];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc.c:2104:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_powerpc_asm.c:64:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char operands[8];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:60:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char args[4];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:412:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:482:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static const char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:696:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&dp->code[0], fp->insn_buf, insns_size);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:837:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(currentVM->dataBase+dest, currentVM->dataBase+src, count);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:1466:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(code_now, &dp->code[0], dp->length * sizeof(unsigned int));
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:1603:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char b[4];
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm_sparc.c:1655:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_animation.c:59:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char validBones[MDS_MAX_BONES];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_animation.c:60:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char newBones[ MDS_MAX_BONES ];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_animation.c:1015:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( bonePtr->matrix, tmpAxis, sizeof( tmpAxis ) );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_animation.c:1027:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( oldBones, bones, sizeof( bones[0] ) * header->numBones );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_backend.c:1970:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:173:47: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void ColorToRGBM(const vec3_t color, unsigned char rgbm[4])
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:289:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:327:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:387:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(color, &buf_p[j*12], 12);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:593:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( dest, buf + 8, len - 8 );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:1961:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2214:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( out, in, count * sizeof( *out ) );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2548:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( w->lightGridData, ( void * )( fileBase + l->fileofs ), l->filelen );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2559:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2626:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char keyname[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2627:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char value[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2730:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    qboolean R_ParseSpawnVars( char *spawnVarChars, int maxSpawnVarChars, int *numSpawnVars, char *spawnVars[MAX_SPAWN_VARS][2] )
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2730:90: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    qboolean R_ParseSpawnVars( char *spawnVarChars, int maxSpawnVarChars, int *numSpawnVars, char *spawnVars[MAX_SPAWN_VARS][2] )
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2732:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char keyname[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2733:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char com_token[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2803:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2850:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char *cubemapJson, *keyValueJson, *indexes[3];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2875:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char spawnVarChars[2048];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2877:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *spawnVars[MAX_SPAWN_VARS][2];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2904:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2982:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:3228:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fileName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:3243:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fileName, "primarylg%d.tga", i);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_curve.c:386:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( grid->widthLodError, errorTable[0], width * 4 );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_curve.c:389:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( grid->heightLodError, errorTable[1], height * 4 );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_curve.c:399:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( grid->widthLodError, errorTable[0], width * 4 );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_curve.c:402:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( grid->heightLodError, errorTable[1], height * 4 );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_extensions.c:152:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char version[256];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_fbo.h:32:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_font.c:359:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[1024];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:170:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char msgPart[1024];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:413:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:491:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char uniformName[1000];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:590:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char vpCode[32000];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:591:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fpCode[32000];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:926:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char extradefines[1024];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:41:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char s_gammatable[256];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:2371:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char localName[ MAX_QPATH ];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:2388:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char ddsName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:2510:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char normalName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3033:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char surfName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3377:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( skin->surfaces, parseSurfaces, skin->numSurfaces * sizeof( skinSurface_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3554:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. qboolean R_CropImage( char *name, byte **pic, int border, int *width, int *height, int lastBox[2] ) { data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3894:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], outfilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3925:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3937:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3947:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3989:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3989:98: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3989:124: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_bmp.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[2]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_bmp.c:42:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[256][4]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_jpg.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_jpg.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_pcx.c:41:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char palette[48]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_pcx.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filler[54]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_png.c:693:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CompressedDataPtr, OrigCompressedData, Length); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:83:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_index, &buf_p[3], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_length, &buf_p[5], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.x_origin, &buf_p[8], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:87:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.y_origin, &buf_p[10], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&targa_header.width, &buf_p[12], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:89:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.height, &buf_p[14], 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:295:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (flip, src, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:296:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (src, dst, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image_tga.c:297:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dst, flip, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[64]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:385:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_ENUM" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:388:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( s, "GL_INVALID_VALUE" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:391:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_OPERATION" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:394:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_OVERFLOW" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:397:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_UNDERFLOW" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:400:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_OUT_OF_MEMORY" ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:671:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fileName[MAX_OSPATH]; // bad things if two screenshots per frame? data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:748:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:819:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:872:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:1127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgName[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:486:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:543:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:799:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:835:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:876:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:884:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc. data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:885:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; // lower.md3, belt1.md3, etc. data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:889:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1244:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; // ie: maps/tim_dm2.bsp data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[MAX_QPATH]; // ie: tim_dm2 data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1311:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // tag name data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // polyset name data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:1376:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:2228:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
void GLimp_SetGamma( unsigned char red[256], data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:2229:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char green[256], data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_local.h:2230:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256] ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:123:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_MAP], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:130:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:725:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:730:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_main.c:766:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_marks.c:95:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( outPoints, inPoints, numInPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], namebuf[MAX_QPATH+20]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:338:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char altName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:991:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:999:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1003:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1007:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1018:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1022:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1026:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1030:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1471:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1479:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1483:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1487:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1498:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1502:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1506:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1510:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:2283:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tagName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meshName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:980:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &iqmData->positions[vtx*3], sizeof(float) * 3); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:984:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &iqmData->texcoords[vtx*2], sizeof(float) * 2); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:998:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendIndexes[vtx*4], sizeof(byte) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:1003:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendWeights.f[vtx*4], sizeof(float) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:1006:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendWeights.b[vtx*4], sizeof(byte) * 4); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_scene.c:155:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->verts, verts, numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_scene.c:231:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->verts, &verts[numVerts * j], numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:1261:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = ""; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:1493:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *suf[6] = {"rt", "bk", "lf", "ft", "up", "dn"}; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:1494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:2319:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char normalName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:2365:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char specularName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3720:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffers[MAX_SHADER_FILES] = {NULL}; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3725:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3744:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3752:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ext, ".mtr"); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_subs.c:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_subs.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:273:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].xyz, sizeof(verts[i].xyz)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:277:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].normal, sizeof(verts[i].normal)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].tangent, sizeof(verts[i].tangent)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:285:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &verts[i].st, sizeof(verts[i].st)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].lightmap, sizeof(verts[i].lightmap)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:293:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].color, sizeof(verts[i].color)); data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:297:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].lightdir, sizeof(verts[i].lightdir)); data/iortcw-1.51.c+dfsg1/MP/code/renderer/iqm.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[16]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_animation.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char validBones[MDS_MAX_BONES]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_animation.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char newBones[ MDS_MAX_BONES ]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_animation.c:1010:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( bonePtr->matrix, tmpAxis, sizeof( tmpAxis ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_animation.c:1022:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( oldBones, bones, sizeof( bones[0] ) * header->numBones ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:266:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, buf + 8, len - 8 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:1707:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( out, in, count * sizeof( *out ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2040:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( w->lightGridData, ( void * )( fileBase + l->fileofs ), l->filelen ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2056:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2057:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_curve.c:311:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->widthLodError, errorTable[0], width * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_curve.c:314:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->heightLodError, errorTable[1], height * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_curve.c:320:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->widthLodError, errorTable[0], width * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_curve.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->heightLodError, errorTable[1], height * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_font.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:39:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static unsigned char s_gammatable[256]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:475:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( in, temp, outWidth * outHeight * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1025:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( scaledBuffer, data, width * height * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1041:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( scaledBuffer, data, width * height * 4 ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1690:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1887:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char surfName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2034:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( skin->surfaces, parseSurfaces, skin->numSurfaces * sizeof( skinSurface_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2211:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. qboolean R_CropImage( char *name, byte **pic, int border, int *width, int *height, int lastBox[2] ) { data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2549:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], outfilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2580:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2592:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2602:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2644:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2644:98: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:2644:124: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_bmp.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char id[2]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_bmp.c:42:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[256][4]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_jpg.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_jpg.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_pcx.c:41:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[48]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_pcx.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filler[54]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_png.c:693:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(CompressedDataPtr, OrigCompressedData, Length); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:83:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_index, &buf_p[3], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_length, &buf_p[5], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.x_origin, &buf_p[8], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:87:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.y_origin, &buf_p[10], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.width, &buf_p[12], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:89:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.height, &buf_p[14], 2); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:295:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (flip, src, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:296:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (src, dst, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image_tga.c:297:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dst, flip, columns*4); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[64]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:310:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_ENUM" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:313:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_VALUE" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:316:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( s, "GL_INVALID_OPERATION" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:319:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_OVERFLOW" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:322:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_UNDERFLOW" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:325:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_OUT_OF_MEMORY" ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:608:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fileName[MAX_OSPATH]; // bad things if two screenshots per frame? data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:685:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:756:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:809:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:1032:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgName[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:384:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:491:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:520:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:528:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc. data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:529:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; // lower.md3, belt1.md3, etc. data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:533:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:740:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:804:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // ie: maps/tim_dm2.bsp data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:805:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[MAX_QPATH]; // ie: tim_dm2 data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:859:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:1445:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:1446:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char green[256], data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_local.h:1447:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256] ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:227:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:231:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_MAP], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:234:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:600:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:605:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_main.c:641:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_marks.c:95:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( outPoints, inPoints, numInPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], namebuf[MAX_QPATH+20]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:357:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:770:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( ( md3Frame_t * )( (byte *)mdc + mdc->ofsFrames ), ( md3Frame_t * )( (byte *)md3 + md3->ofsFrames ), mdcHeader.numFrames * sizeof( md3Frame_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:773:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ( mdcTagName_t * )( (byte *)mdc + mdc->ofsTagNames ) + j, ( ( md3Tag_t * )( (byte *)md3 + md3->ofsTags ) + j )->name, sizeof( mdcTagName_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:818:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsTriangles, (byte *)surf + surf->ofsTriangles, cSurf->numTriangles * sizeof( md3Triangle_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:820:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsShaders, (byte *)surf + surf->ofsShaders, cSurf->numShaders * sizeof( md3Shader_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:822:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsSt, (byte *)surf + surf->ofsSt, cSurf->numVerts * sizeof( md3St_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:830:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsXyzNormals + ( sizeof( md3XyzNormal_t ) * cSurf->numVerts * i ), data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:899:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
  Make sure destination can always hold the source data.
  memcpy( mod->mdc[lod], buffer, LittleLong( pinmodel->ofsEnd ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:1112:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( mod->md3[lod], buffer, LittleLong( pinmodel->ofsEnd ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:2073:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tagName[MAX_QPATH]; //, *ch;
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model_iqm.c:148:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char meshName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_scene.c:151:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( poly->verts, verts, numVerts * sizeof( *verts ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_scene.c:227:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( poly->verts, &verts[numVerts * j], numVerts * sizeof( *verts ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade.c:351:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx, input->xyz[i], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade.c:352:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+1, temp, sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade.c:734:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( tess.svars.colors, tess.vertexColors, tess.numVertexes * sizeof( tess.vertexColors[0] ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade.c:743:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( tess.svars.colors, tess.vertexColors, tess.numVertexes * sizeof( tess.vertexColors[0] ) );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade_calc.c:669:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char invModulate[4];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:78:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strippedName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:958:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024] = "";
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:1190:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *suf[6] = {"rt", "bk", "lf", "ft", "up", "dn"};
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:1191:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2498:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strippedName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2557:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strippedName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2996:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *buffers[MAX_SHADER_FILES] = {NULL};
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:3001:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shaderName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:3020:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:407:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tex+idx*2, s_skyTexCoords[t][s], sizeof(GLfloat)*2);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:408:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+idx*3, s_skyPoints[t][s], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:410:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tex+idx*2, s_skyTexCoords[t+1][s], sizeof(GLfloat)*2);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:411:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+idx*3, s_skyPoints[t+1][s], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:474:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tex+idx*2, s_skyTexCoords[t][s], sizeof(GLfloat)*2);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:475:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+idx*3, s_skyPoints[t][s], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:477:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tex+idx*2, s_skyTexCoords[t+1][s], sizeof(GLfloat)*2);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_sky.c:478:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+idx*3, s_skyPoints[t+1][s], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_subs.c:29:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_subs.c:41:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_surface.c:364:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+i*6, start_points[ i % NUM_BEAM_SEGS], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_surface.c:365:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vtx+i*6+3, end_points[ i % NUM_BEAM_SEGS], sizeof(GLfloat)*3);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h:230:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h:282:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char renderer_string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h:283:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vendor_string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h:284:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version_string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_types.h:285:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extensions_string[MAX_STRING_CHARS * 4]; // TTimo - bumping, some cards have a big extension string
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_gamma.c:39:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] )
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_gamma.c:39:55: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] )
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_gamma.c:39:81: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] )
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:179:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ MAX_STRING_CHARS ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:348:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char profile[6]; // ES, ES-CM, or ES-CL
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_icon.h:7:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pixel_data[32 * 32 * 4 + 1];
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_input.c:454:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16384] = "";
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_snd.c:86:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(stream, dma.buffer + pos, len1);
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_snd.c:91:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(stream+len1, dma.buffer, len2);
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:90:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *configstrings[MAX_CONFIGSTRINGS];
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:150:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clientCommandString[MAX_STRING_CHARS]; // valid command string for SV_Netchan_Encode
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:157:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING]; // name, etc
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:159:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reliableCommands[MAX_RELIABLE_COMMANDS][MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:171:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastClientCommandString[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:173:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NAME_LENGTH]; // extracted from userinfo, high bits masked
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:176:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char downloadName[MAX_QPATH]; // if not empty string, we are downloading
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:183:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char *downloadBlocks[MAX_DOWNLOAD_WINDOW]; // the buffers for the download blocks
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:291:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:292:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char platform[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/server.h:293:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char installer[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_bot.c:175:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[2048];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_bot.c:389:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( poly->points, points, numPoints * sizeof( vec3_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_bot.c:406:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( poly->points, points, numPoints * sizeof( vec3_t ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:53:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cleanName[64];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:72:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int plid = atoi(s);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:136:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  idnum = atoi( s );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:163:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:165:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:290:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( Cvar_VariableString( "g_noTeamSwitching" ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:359:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  delay = atoi( Cmd_Argv( 1 ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:369:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  old_gs = atoi( Cvar_VariableString( "gamestate" ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:372:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  new_gs = atoi( Cmd_Argv( 2 ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:384:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:827:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filepath[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:879:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  serverBans[index].subnet = atoi(maskpos);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:913:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filepath[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:922:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char writebuf[128];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:985:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *mask = atoi(suffix);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1017:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addy2[NET_ADDRSTRMAXLEN];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1072:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mask = atoi(Cmd_Argv(2));
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1210:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  todel = atoi(Cmd_Argv(1));
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1428:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1440:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( text, "console: " );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1461:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1480:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (text, "console_tell: ");
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:114:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  clientChallenge = atoi(Cmd_Argv(1));
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:238:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  challenge = atoi( Cmd_Argv( 1 ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:335:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:379:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  version = atoi(Info_ValueForKey(userinfo, "protocol"));
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:397:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  challenge = atoi( Info_ValueForKey( userinfo, "challenge" ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:398:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  qport = atoi( Info_ValueForKey( userinfo, "qport" ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:911:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int block = atoi( Cmd_Argv( 1 ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:960:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorMessage[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:961:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pakbuf[MAX_QPATH], *pakptr;
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:966:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1025:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( testname, "updates/" );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1321:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( atoi( pArg ) < sv.checksumFeedServerId ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1344:80: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( FS_FileIsInPAK( va( sv_pureVMPaths[i], "cgame" ), &nChkSum1 ) == 1 && atoi( pArg ) == nChkSum1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1361:77: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( FS_FileIsInPAK( va( sv_pureVMPaths[i], "ui" ), &nChkSum1 ) == 1 && atoi( pArg ) == nChkSum1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1378:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nClientChkSum[i] = atoi( Cmd_Argv( nCurArg++ ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1413:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nServerChkSum[i] = atoi( Cmd_Argv( i ) );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1513:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( val );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1526:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( val );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1537:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(val);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1609:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1988:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(packet->data, encoded, packetsize);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:131:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->s.modelindex = atoi( name + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:209:62: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void SV_AdjustAreaPortalState( sharedEntity_t *ent, qboolean open ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:216:61: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CM_AdjustAreaPortalState( svEnt->areanum, svEnt->areanum2, open );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:848:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( VMA( 1 ), VMA( 2 ), args[3] );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:503:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systemInfo[16384];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:117:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:551:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char player[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:552:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[MAX_MSGLEN];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infostring[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:626:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char infostring[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:799:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remaining[1024];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:806:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sv_outputbuf[SV_OUTPUTBUF_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:1175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/splines/math_matrix.h:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mat, src, sizeof( *src ) );
data/iortcw-1.51.c+dfsg1/MP/code/splines/math_vector.cpp:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[ 8 ][ 36 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/math_vector.cpp:149:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( s, "%.2f %.2f %.2f", x, y, z );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parseFile[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[32000];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[32000];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:347:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pi->token, *punc, l );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:463:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:358:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:359:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_parsename[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:419:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:435:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1159:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char temp_buffer[MAX_VA_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1160:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[MAX_VA_STRING]; // in case va is called by nested functions
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( buf, temp_buffer, len + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1279:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char value[2][BIG_INFO_VALUE]; // use two buffers so compares
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1379:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char pkey[MAX_INFO_KEY];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_INFO_VALUE];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1438:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1517:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:379:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data. #define Com_Memcpy memcpy
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:834:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKENLENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1092:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_CVAR_VALUE_STRING];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stringData[MAX_GAMESTATE_CHARS];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1707:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[32];
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_splineshared.h:1713:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024];
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:586:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). loadCamera( atoi( param1 ), va( (char *)"cameras/%s.camera", param2 ) );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:960:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = static_cast<idCameraEvent::eventType>( atoi( token ) );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:964:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1076:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
time = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1095:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atol( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1098:55: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = static_cast<idCameraPosition::positionType>( atoi( token ) );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1101:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long t = atol( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1103:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long d = atol( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:1115:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
time = atoi( token );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:257:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:261:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%f", b );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:276:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", b );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:287:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:291:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%u", b );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:303:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%f", a );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:315:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", a );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:325:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:327:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%u", a );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[0x10000];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 32 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:252:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%.3f", num );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 32 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:266:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", num );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[ 32 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:280:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%u", num );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:502:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 2 ];
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 2 ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_log.c:29:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char consoleLog[ MAX_LOG ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:336:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char text[MAX_EDIT_LINE];
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char qconsole_history[ QCONSOLE_HISTORY ][ MAX_EDIT_LINE ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char qconsole_line[ MAX_EDIT_LINE ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:492:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[ MAXPRINTMSG ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char binaryPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:51:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char installPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:218:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( ( f = fopen( pidFile, "r" ) ) != NULL )
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:220:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pidBuffer[ 64 ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:228:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi( pidBuffer );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:240:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( ( f = fopen( pidFile, "w" ) ) != NULL )
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:259:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[1024];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:260:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modName[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:356:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[ MAXPRINTMSG ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:435:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:526:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char libPath[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:692:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char commandLine[ MAX_STRING_CHARS ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char homePath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:52:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char steamPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char gogPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:200:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( "/dev/urandom", "r" );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:277:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen( ospath, mode );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:315:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fifo = fopen( ospath, "w+" );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:332:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH], newsubdirs[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:361:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:420:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:423:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *list[MAX_FOUND_FILES];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:612:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = open( ospath, O_CREAT | O_TRUNC | O_WRONLY, 0640 );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:631:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char execBuffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:633:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *execArgv[ 16 ];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1012:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char exit_cmdline[MAX_CMD] = "";
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1086:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[20];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1087:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:1088:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[MAX_CMD];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char homePath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:51:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char steamPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:54:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char gogPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:101:2: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szPath[MAX_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:280:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s_userName[1024];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:284:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( s_userName, "player" );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:288:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( s_userName, "player" );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:316:2: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szPathOrig[MAX_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:374:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char base[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:404:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char dir[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:432:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen( ospath, mode );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:468:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH], newsubdirs[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:573:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:576:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *list[MAX_FOUND_FILES];
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:746:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char com_token[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:48:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char archivedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:60:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ex_argv[MAX_EX_ARGC];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filebase[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text2[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:180:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[4096];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:217:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char qdir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:218:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gamedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:219:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char writedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:300:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:314:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:327:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char archivename[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:644:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[MAX_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:651:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen(fn, mode);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:724:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)buffer)[length] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:784:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)buffer)[length] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:831:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[128];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:886:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dest, path, src-path);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:967:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atol (str);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:1089:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:1109:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dir, path, ofs - path );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:49:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #pragma intrinsic( memset, memcpy )
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:81:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char qdir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gamedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:83:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char writedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char com_token[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.h:134:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char archivedir[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputFilename[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:190:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *asmFiles[MAX_ASM_FILES];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:191:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *asmFileNames[MAX_ASM_FILES];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:208:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lineBuffer[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:210:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:595:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:669:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lineBuffer, data, (p - data) );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:733:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sym[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:743:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sym, token, i );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:766:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sym, token+i+1, j-i-1 );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:923:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1067:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imageName[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1322:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( imageName, ".map" );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1347:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imageName[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1356:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( imageName, ".qvm" );
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1427:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:1552:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( outputFilename, "q3asm" );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:48:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[MAXPRINTMSG];
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:126:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:135:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[2][MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gameList[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:281:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:290:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:306:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.accuracy = atoi( UI_Argv( 3 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:307:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
newInfo.impressives = atoi( UI_Argv( 4 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:308:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.excellents = atoi( UI_Argv( 5 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:309:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.defends = atoi( UI_Argv( 6 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:310:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.assists = atoi( UI_Argv( 7 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:311:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.gauntlets = atoi( UI_Argv( 8 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:312:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
newInfo.baseScore = atoi( UI_Argv( 9 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:313:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.perfects = atoi( UI_Argv( 10 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:314:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.redScore = atoi( UI_Argv( 11 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:315:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.blueScore = atoi( UI_Argv( 12 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:316:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( UI_Argv( 13 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:317:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
newInfo.captures = atoi( UI_Argv( 14 ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:408:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:409:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:410:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_botInfos[MAX_BOTS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_arenaInfos[MAX_ARENAS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:94:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( token, "<NULL>" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_ARENAS_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dirlist[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:166:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( filename, "scripts/" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:201:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.mapList[uiInfo.mapCount].Timelimit = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:209:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.mapList[uiInfo.mapCount].AxisRespawnTime = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:217:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.mapList[uiInfo.mapCount].AlliedRespawnTime = atoi( str ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_BOTS_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:308:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:327:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( filename, "scripts/" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:232:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_EDIT_LINE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:697:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *teamMembers[TEAM_MEMBERS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:732:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *maps[MAPS_PER_TIER]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:743:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:774:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char motd[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:779:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:780:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:792:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char address[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:793:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *lines[MAX_SERVERSTATUS_LINES][4]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:794:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SERVERSTATUS_TEXT]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:795:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pings[MAX_CLIENTS * 3]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:837:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:838:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teamNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:854:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *demoList[MAX_DEMOS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:858:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *movieList[MAX_MOVIES]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:873:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverStatusAddress[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:879:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char findPlayerName[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:880:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char foundPlayerServerAddresses[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:881:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foundPlayerServerNames[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:891:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char q3HeadNames[MAX_PLAYERMODELS][64]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_local.h:900:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spawnPoints[MAX_SPAWNPOINTS][MAX_SPAWNDESC]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:182:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char translated_yes[4], translated_no[4]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:326:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char staticbuf[2][MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:578:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:683:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:710:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &color_save[0], &newColor[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:783:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:791:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &aux_color[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:802:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &aux_color[0], &next_color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:843:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1098:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUFILE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1362:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl_language = atoi( UI_Cvar_VariableString( "cl_language" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1367:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastName[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1822:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1823:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1824:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1834:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( model, "multi" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:1836:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( model, "multi_axis" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headmodel[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2419:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2424:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.teamLeader = atoi( Info_ValueForKey( info, "tl" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2425:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team = atoi( Info_ValueForKey( info, "t" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2427:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). count = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2438:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team2 = atoi( Info_ValueForKey( info, "t" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2491:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[64]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2571:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *lines[64]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:2620:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[140]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3166:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char masterstr[2], cvarname[sizeof("sv_master1")]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3446:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[2048]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3520:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sglist[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3560:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char movielist[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3592:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demolist[NAMEBUFSIZE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3593:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demoExt[32]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3668:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4041:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4055:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.spawnCount = atoi( s ) + 1; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4070:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS], overviewImage[MAX_STRING_CHARS], desc[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4102:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numobjectives = atoi( s ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4144:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( UI_Cvar_VariableString( "r_inGameVideo" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4534:42: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). static void UI_UpdateVoteFlags( qboolean open ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4536:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4650:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char out[17]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4899:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4900:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4923:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4932:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4933:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5025:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( UI_Cvar_VariableString( "ui_isSpectator" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5081:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). selectType = atoi( param ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5082:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). itemIndex = atoi( param2 ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5089:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). indexNum = atoi( name ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5099:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). indexNum = atoi( name ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5438:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clients = atoi( Info_ValueForKey( info, "clients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5450:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxClients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5461:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). friendlyFire = atoi( Info_ValueForKey( info, "friendlyFire" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5478:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxlives = atoi( Info_ValueForKey( info, "maxlives" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5489:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tourney = atoi( Info_ValueForKey( info, "tourney" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5500:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). punkbuster = atoi( Info_ValueForKey( info, "punkbuster" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5516:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). antilag = atoi( Info_ValueForKey( info, "g_antilag" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5532:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi( Info_ValueForKey( info, "gametype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5800:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_NAME_LENGTH + 2]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5801:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6076:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUDEFFILE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6094:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6095:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6096:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char clientBuff[32]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6097:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pingstr[10]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6120:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). antilag = atoi( Info_ValueForKey( info, "g_antilag" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6121:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ping = atoi( Info_ValueForKey( info, "ping" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6131:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int nettype = atoi(Info_ValueForKey(info, "nettype")); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6147:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi( Info_ValueForKey( info, "gametype" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6165:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). punkbuster = atoi( Info_ValueForKey( info, "punkbuster" ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:6280:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; // com_errorMessage can go up to 4096 data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7304:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lastLoadingText[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dlSizeBuf[64], totalSizeBuf[64], xferRateBuf[64], dlTimeBuf[64]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7442:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7446:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadName[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7485:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ps[60]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:869:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( legs.torsoAxis, torso.axis, sizeof( torso.axis ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:989:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1116:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animModelInfo->version = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1168:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1187:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1194:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].loopFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1214:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1221:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].animBlend = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1272:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1275:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1283:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1310:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[20000]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1343:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modelName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skinName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_public.h:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char servername[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_public.h:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char updateInfoString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_public.h:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char messageString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:93:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[MEM_POOL_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:241:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char strPool[STRING_POOL_SIZE]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:346:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:367:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:369:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:493:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *i = atoi( token ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:641:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1368:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curscript[64]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1495:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &item->window.rectClient, &rectFrom, sizeof( rectDef_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1496:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &item->window.rectEffects, &rectTo, sizeof( rectDef_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1634:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). DC->feederAddItem( t->special, name, atoi( val ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024], *p; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1723:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024], *p; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:1726:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:2382:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:2408:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:2471:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3286:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3330:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3336:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newColor, &parent->disableColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3342:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3418:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3420:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3461:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3531:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3555:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3607:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3631:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3812:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[256]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3935:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g_nameBind1[32]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3936:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g_nameBind2[32]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3962:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( g_nameBind1, "???" ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3978:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:4018:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:5782:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &item->colorRanges[item->numColors], &color, sizeof( color ) ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:121:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *args[MAX_SCRIPT_ARGS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:215:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *cvarList[MAX_MULTI_CVARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:216:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *cvarStr[MAX_MULTI_CVARS]; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.h:297:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *onKey[255]; // NERVE - SMF - execs commands when a key is pressed data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.c:19:36: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define FOPEN_FUNC(filename, mode) fopen(filename, mode) data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.c:109:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(filename, mode_fopen); data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.h:54:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define fopen64 fopen data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.h:59:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define fopen64 fopen data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/ioapi.h:64:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
#define fopen64 fopen data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/unzip.c:1277:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szCurrentFileName[UNZ_MAXFILENAMEINZIP+1]; data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/unzip.c:1493:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[12]; data/iortcw-1.51.c+dfsg1/SP/code/asm/snapvector.c:31:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char ssemask[16] __attribute__((aligned(16))) = data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:181:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( trace, &enttrace, sizeof( bsp_trace_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:298:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:336:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:342:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *value = atoi( buf ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:521:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( bspworld.dentdata, botimport.BSPEntityData(), bspworld.entdatasize ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_debug.c:259:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( bboxcorners[4], bboxcorners[0], sizeof( vec3_t ) * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_debug.c:685:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &reach, &( *aasworld ).reachability[settings->firstreachablearea + index], sizeof( aas_reachability_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_def.h:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_def.h:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_def.h:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *configstrings[MAX_CONFIGSTRINGS]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_entity.c:180:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( info, &( *defaultaasworld ).entities[entnum].i, sizeof( aas_entityinfo_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_file.c:414:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ( *aasworld ).bspchecksum = atoi( LibVarGetString( "sv_mapChecksum" ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[1024]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:170:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( *aasworld ).configstrings[i] = (char *) GetMemory( strlen( configstrings[i] ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aasfile[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char this_mapname[MAPNAME_LEN], intstr[4]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_optimize.c:169:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( optface, face, sizeof( aas_face_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_optimize.c:203:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( optarea, area, sizeof( aas_area_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2607:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[MAX_EPAIRKEY], targetname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2608:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2626:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). AAS_BSPModelMinsMaxsOrigin( atoi( model + 1 ), angles, mins, maxs, origin ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2660:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). AAS_BSPModelMinsMaxsOrigin( atoi( model + 1 ), angles, mins, maxs, origin ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2763:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_EPAIRKEY], classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:2789:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3166:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[MAX_EPAIRKEY], targetname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3396:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_reach.c:3852:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c:952:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c:1112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c:1907:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( reach, &( *aasworld ).reachability[num], sizeof( aas_reachability_t ) );; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_route.c:2202:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( ( *aasworld ).areavisibility[i], buf, size ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.c:255:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.c:515:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.c:809:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( area_parents[i]->visibleParents, visibleParents, area_parents[i]->numVisibleParents * sizeof( unsigned short int ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_routetable.c:1195:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char destVisLookup[MAX_PARENTS]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_CHATTYPE_NAME]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; //name of the bot data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatmessage[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:593:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( str, replacement, strlen( replacement ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:888:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( str1, replacement, strlen( replacement ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:937:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( &ptr[strlen( ptr )], "%cv%ld%c", ESCAPE_CHAR, token.intvalue, ESCAPE_CHAR ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1763:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatmessagestring[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1764:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char namebuffer[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1944:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chatmessagestring[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2298:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcmessage[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2603:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bestmatch, &match, sizeof( bot_match_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.h:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[MAX_MESSAGE_SIZE]; //message data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_gen.c:123:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( rankings, ranks, sizeof( float ) * numranks ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[32]; //classname of the item data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:129:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_STRINGFIELD]; //name of the item data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_STRINGFIELD]; //model of the item data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:473:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:533:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:676:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:1007:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:1038:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &gs->goalstack[gs->goalstacktop], goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:1088:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &gs->goalstack[gs->goalstacktop], sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:1107:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &gs->goalstack[gs->goalstacktop - 1], sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_move.c:534:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[MAX_EPAIRKEY], model[MAX_EPAIRKEY]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_move.c:547:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.c:252:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &wc->weaponinfo[weaponinfo.number], &weaponinfo, sizeof( weaponinfo_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.c:299:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &wc->weaponinfo[i].proj, &wc->projectileinfo[j], sizeof( projectileinfo_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.c:398:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( weaponinfo, &weaponconfig->weaponinfo[weapon], sizeof( weaponinfo_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_STRINGFIELD]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_STRINGFIELD]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_STRINGFIELD]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_STRINGFIELD]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weap.h:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char projectile[MAX_STRINGFIELD]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:582:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( filename, "wb" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ea.c:401:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( input, bi, sizeof( bot_input_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ea.c:426:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( bi, init, sizeof( bot_input_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/botai.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/botlib.h:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_LOGFILENAMESIZE]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c:78:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile.fp = fopen(ospath, "wb"); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKENLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:289:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( t, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:345:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( token, source->tokens, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:678:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. define->name = (char *) GetMemory(strlen(builtin[i].string) + 1); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:708:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( token->string, "%d", deftoken->line ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:959:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2434:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( token.string, "%ld", labs( value ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2460:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( token.string, "%1.2f", fabs( value ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2540:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( token.string, "%ld", labs( value ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2570:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( token.string, "%1.2f", fabs( value ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2756:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &source->token, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2788:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2798:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy( str, "string" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2801:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "literal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2804:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "number" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2807:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "name" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2810:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "punctuation" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2819:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "decimal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2822:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy( str, "hex" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2825:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "octal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2828:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "binary" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2831:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " long" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2834:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " unsigned" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2837:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " float" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2840:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " integer" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2905:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( token, &tok, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.h:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; //file name of the script data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.h:96:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char includepath[MAX_QPATH]; //path to include files data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:165:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basefolder[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:844:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &script->token, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:858:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( token, &script->token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:920:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &script->token, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:951:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:961:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "string" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:964:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "literal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:967:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "number" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:970:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "name" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:973:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "punctuation" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:982:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "decimal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:985:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "hex" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:988:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "octal" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:991:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( str, "binary" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:994:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " long" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:997:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " unsigned" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1000:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( str, " float" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1003:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat( str, " integer" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1073:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( token, &tok, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1113:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &script->token, token, sizeof( token_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1349:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( filename, "rb" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.h:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKEN]; //available token data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.h:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAX_QPATH]; //file name of the script data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.c:228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( (char *)p )[MAX_STRINGFIELD - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.c:363:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[4]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:52:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trap_SendClientCommand( va( "gc %i %i", targetNum, atoi( test ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:216:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_consolecmds.c:362:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamStr[80], classStr[80], weapStr[80]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systemChat[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat1[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:47:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat2[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:183:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[16], *ptr; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:842:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char printme[16]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:861:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char printme[16]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:1054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[16]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:1570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pickupText[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:2001:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:2539:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rendererinfos[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3026:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char deploytime[128]; // JPW NERVE data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3539:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3581:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_effects.c:606:63: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
int CG_GetOriginForTag( centity_t *cent, refEntity_t *parent, char *tagName, int startIndex, vec3_t org, vec3_t axis[3] ) { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:545:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:780:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:1473:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:1864:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:2084:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->refEnt, &ent, sizeof( refEntity_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:2459:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( atoi( token ) == s1->number ) { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:2464:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pi = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:49:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char targetName[32]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attackerName[32]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:232:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( attackerName, "noname" ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1847:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1858:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_flamethrower.c:1292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_flamethrower.c:1321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char personality[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:318:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). vars[v++] = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:372:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hunkBuf[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:387:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
expectedHunk = atoi( hunkBuf ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:267:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc. data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; // lower.md3, belt1.md3, etc. data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:329:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dl_stylestring[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char validOldPos[MAX_OLD_POS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:545:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modelName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skinName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hSkinName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:814:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoScreenText[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:825:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char killerName[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:826:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spectatorList[MAX_STRING_CHARS]; // list of names data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:844:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char centerPrint[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:963:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char testModelName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:987:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oidPrint[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1461:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1477:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1539:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redTeam[MAX_QPATH]; // A team data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1541:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueTeam[MAX_QPATH]; // B team data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1547:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteString[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teamVoteString[2][MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1573:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChatMsgs[TEAMCHAT_HEIGHT][TEAMCHAT_WIDTH * 3 + 1]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1578:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemPrintNames[MAX_ITEMS][32]; //----(SA) added data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1881:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char systemChat[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1882:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char teamChat1[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:1883:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern char teamChat2[256]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_local.h:2130:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int CG_GetOriginForTag( centity_t * cent, refEntity_t * parent, char *tagName, int startIndex, vec3_t org, vec3_t axis[3] ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_localents.c:650:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &( nle->leType ), &( le->leType ), sizeof( localEntity_t ) - 2 * sizeof( localEntity_t * ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:490:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:501:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.localServer = atoi( var ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:583:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:594:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:605:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:620:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:646:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entnum = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:653:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cent->dl_frame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:660:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cent->dl_sound = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:663:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cent->dl_atten = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:695:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:723:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( data, start, len ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:748:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[MAX_BUFFER]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:750:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_BUFFER]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:793:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:849:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char items[MAX_ITEMS + 1]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:850:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1086:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1089:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char items[MAX_ITEMS + 1]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1090:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *sb_nums[11] = { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1461:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1473:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[10]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1565:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char parm1[MAX_QPATH], parm2[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1585:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parm[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1602:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUFILE]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1867:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUDEFFILE]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:2092:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[128]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:2178:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:2350:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.levelStartTime = atoi( s );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_marks.c:263:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( mark->verts, verts, mf->numPoints * sizeof( verts[0] ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:196:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:576:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:716:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:735:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:869:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1062:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1085:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1097:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1235:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1331:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:102:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *shaderAnimNames[MAX_SHADER_ANIMS] = {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:1602:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  type = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:1636:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numparticles = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:1639:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  turb = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_particles.c:1642:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snum = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char text[100000];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:43:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cg_customSoundNames[MAX_CUSTOM_SOUNDS] = {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:185:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *tags[2] = {"tag_footleft", "tag_footright"};
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:328:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:398:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:427:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:451:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:452:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:501:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:623:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:624:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:625:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:677:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scaleString[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1205:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namefromskin[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1206:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1248:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  val = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1279:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1538:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.botSkill = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1542:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.handicap = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1546:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.wins = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1550:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.losses = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:1554:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.team = atoi( v );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4529:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[8][64];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:4874:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( legs.torsoAxis, torso.axis, sizeof( torso.axis ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:5541:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( or->axis, tempAxis, sizeof( vec3_t ) * 3 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_players.c:5594:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( or->axis, tempAxis, sizeof( vec3_t ) * 3 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:41:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:294:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamstr[32];
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:301:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( teamstr, "axis_desc" );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:303:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( teamstr, "allied_desc" );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:309:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( buf && atoi( buf ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:310:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi( buf );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:322:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  status = atoi( Info_ValueForKey( s, "status" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:370:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( atoi( buf ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:48:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numScores = atoi( CG_Argv( 1 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:53:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.teamScores[0] = atoi( CG_Argv( 2 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:54:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.teamScores[1] = atoi( CG_Argv( 3 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:59:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].client = atoi( CG_Argv( i * 6 + 4 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:60:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].score = atoi( CG_Argv( i * 6 + 5 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:61:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].ping = atoi( CG_Argv( i * 6 + 6 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:62:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].time = atoi( CG_Argv( i * 6 + 7 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:63:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].scoreFlags = atoi( CG_Argv( i * 6 + 8 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:64:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  powerups = atoi( CG_Argv( i * 6 + 9 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:101:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numSortedTeamPlayers = atoi( CG_Argv( 1 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:110:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client = atoi( CG_Argv( i * 6 + 2 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:119:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.clientinfo[ client ].location = atoi( CG_Argv( i * 6 + 3 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:120:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.clientinfo[ client ].health = atoi( CG_Argv( i * 6 + 4 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:121:36: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.clientinfo[ client ].armor = atoi( CG_Argv( i * 6 + 5 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:122:40: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.clientinfo[ client ].curWeapon = atoi( CG_Argv( i * 6 + 6 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:123:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.clientinfo[ client ].powerups = atoi( CG_Argv( i * 6 + 7 ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:141:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.gametype = atoi( Info_ValueForKey( info, "g_gametype" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:143:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.dmflags = atoi( Info_ValueForKey( info, "dmflags" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:144:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.teamflags = atoi( Info_ValueForKey( info, "teamflags" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:145:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.fraglimit = atoi( Info_ValueForKey( info, "fraglimit" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:146:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.capturelimit = atoi( Info_ValueForKey( info, "capturelimit" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:147:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.timelimit = atoi( Info_ValueForKey( info, "timelimit" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:148:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.maxclients = atoi( Info_ValueForKey( info, "sv_maxclients" ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:184:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.playTimeH = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:186:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.playTimeM = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:188:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.playTimeS = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:192:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numObjectivesFound = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:194:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numObjectives = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:198:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numSecretsFound = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:200:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numSecrets = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:204:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numTreasureFound = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:206:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numTreasure = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:210:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numArtifactsFound = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:212:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numArtifacts = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:216:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.attempts = atoi( token );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:233:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
warmup = atoi( info ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:260:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadestart = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:262:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeduration = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:301:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). token = COM_Parse( (char **)&info ); time = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:319:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( CG_ConfigString( CS_SCORES1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:320:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.scores2 = atoi( CG_ConfigString( CS_SCORES2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:321:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( CG_ConfigString( CS_LEVEL_START_TIME ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:332:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.warmup = atoi( CG_ConfigString( CS_WARMUP ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char originalShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:342:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:343:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char timeOffset[16]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:385:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:406:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:408:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores2 = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:410:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:412:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.voteTime = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:415:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteYes = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:418:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteNo = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:425:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteTime[num - CS_TEAMVOTE_TIME] = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:428:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteYes[num - CS_TEAMVOTE_YES] = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:431:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.teamVoteNo[num - CS_TEAMVOTE_NO] = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:438:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.intermissionStarted = atoi( str ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:555:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[10000]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:801:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). qboolean startBlack = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:818:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int time = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:915:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:916:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:917:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:944:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int team = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:960:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
fadeTime = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:975:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeTime = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:983:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int time = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:990:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int time = atoi( CG_Argv( 2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:172:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &cent->currentState, state, sizeof( entityState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:188:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char prevmap[64] = { 0 }; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:189:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curmap[64]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:292:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cent->nextState, es, sizeof( entityState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_sound.c:343:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sound.shakeDuration = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_sound.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char soundFiles[MAX_SOUND_FILES][MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_sound.c:374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_BUFFER]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_sound.c:376:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_trails.c:681:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. mid.modulate[l] = ( unsigned char )( mod[l] / 4.0 ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_view.c:1278:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) ) { // this camera has fog data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_view.c:1302:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fogStart = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_view.c:1309:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fogEnd = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:869:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[20000]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:931:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:937:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:955:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].loopFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:972:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:978:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) ) { data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:986:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wi->weapAnimations[i].moveSpeed |= ( ( atoi( token ) ) << 8 ); // use 2nd byte for draw bits data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:1011:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH], comppath[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4285:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bank = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_weapons.c:4347:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_avi.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:215:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). index = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:254:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cl.gameState.stringData + cl.gameState.dataCount, dup, len + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:276:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bigConfigString[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:874:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outstr[256]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:899:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) == memusage ) { // if it is the same, abort this process data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:346:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 32); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:365:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 16); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:384:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 32); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:417:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, 8); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:418:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dst+spl, src+8, 8); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cin.c:1475:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_console.c:215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_console.c:345:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tbuf, con.text, CON_TEXTSIZE * sizeof( short ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_input.c:79:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = atoi( c ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_input.c:103:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b->downtime = atoi( c ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_input.c:116:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = atoi( c ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_input.c:139:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uptime = atoi( c ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1334:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( str, edit->buffer + prestep, drawLen ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1578:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[MAX_EDIT_LINE-1]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1712:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1827:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tinystr[5]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1984:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2157:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ MAX_STRING_CHARS ], *p = buf, *end; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2484:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char consoleSaveBuffer[ MAX_CONSOLE_SAVE_BUFFER ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2518:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). historyEditLines[ i ].cursor = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2523:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). historyEditLines[ i ].scroll = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2528:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numChars = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:144:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_reconnectArgs[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:145:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_oldGame[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:243:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:260:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:297:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int id = atoi(Cmd_Argv(2)); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:567:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (encio == NULL) encio = fopen("voip-outgoing-encoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:570:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (decio == NULL) decio = fopen("voip-outgoing-decoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:712:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char demoName[MAX_QPATH]; // compiler bug workaround data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:714:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:885:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAX_STRING_CHARS ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1068:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demoExt[ 16 ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1084:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1085:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1088:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retry[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1109:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). protocol = atoi(ext_test + ARRAY_LEN(DEMOEXT)); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1194:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1608:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nums[64]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1713:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1830:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[MAX_RCON_MESSAGE]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1878:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMsg[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2285:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char missingfiles[1024]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2327:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[MAX_INFO_STRING + 10]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2610:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi(c); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2615:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ver = atoi(strver); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2668:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clc.challenge = atoi(Cmd_Argv(1)); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2702:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi(c); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2989:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2990:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverName[ MAX_OSPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3075:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char groupStr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char itemStr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3165:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cacheIndex = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dllName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3464:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3510:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). doexit = (qboolean)( atoi( Cmd_Argv( 3 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[ MAX_OSPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3598:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[ QKEY_SIZE ]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3953:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->clients = atoi( Info_ValueForKey( info, "clients" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3956:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->maxClients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3958:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->gameType = atoi( Info_ValueForKey( info, "gametype" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3959:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->netType = atoi( Info_ValueForKey( info, "nettype" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3960:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->minPing = atoi( Info_ValueForKey( info, "minping" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3961:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->maxPing = atoi( Info_ValueForKey( info, "maxping" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3962:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
server->g_humanplayers = atoi( Info_ValueForKey( info, "g_humanplayers" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3963:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->g_needpass = atoi( Info_ValueForKey( info, "g_needpass" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3964:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server->allowAnonymous = atoi( Info_ValueForKey( info, "sv_allowAnonymous" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4000:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4026:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prot = atoi( Info_ValueForKey( infoString, "protocol" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[1024], *masteraddress; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4351:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((count = Cmd_Argc()) < 3 || (masterNum = atoi(Cmd_Argv(1))) < 0 || masterNum > MAX_MASTER_SERVERS) data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4362:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(command, "sv_master%d", i); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4380:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(command, "sv_master%d", masterNum); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4623:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &pingptr->adr, &to, sizeof( netadr_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4639:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4694:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cl_pinglist[j].adr, &server[i].adr, sizeof( netadr_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4813:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chs[3]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:33:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *svc_strings[256] = { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:351:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:356:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl.serverId = atoi( Info_ValueForKey( systemInfo, "sv_serverid" ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:376:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl_connectedToCheatServer = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:452:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clc.sv_allowDownload = atoi(Info_ValueForKey(serverInfo, data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:471:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldGame[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:508:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cl.gameState.stringData + cl.gameState.dataCount, s, len + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:569:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[MAX_MSGLEN]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:710:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char encoded[4000]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:804:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (encio == NULL) encio = fopen("voip-incoming-encoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:807:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (decio == NULL) decio = fopen("voip-incoming-decoded.bin", "wb"); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[16]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:361:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_ui.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cl_cdkey[34]; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_ui.c:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; // extracted from CS_SERVERINFO data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char limboChatMsgs[LIMBOCHAT_HEIGHT][LIMBOCHAT_WIDTH * 3 + 1]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char servername[MAX_OSPATH]; // name of server from original connect (used by reconnect) data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverMessage[MAX_STRING_TOKENS]; // for display on connection dialog data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reliableCommands[MAX_RELIABLE_COMMANDS][MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverCommands[MAX_RELIABLE_COMMANDS][MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char downloadTempName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadName[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:231:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadURL[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sv_dlURL[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadList[MAX_INFO_STRING]; // list of paks we need to download data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char demoName[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:258:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char timeDemoDurations[ MAX_TIMEDEMO_DURATIONS ]; // log of frame durations

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char info[MAX_INFO_STRING];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:318:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char hostName[MAX_NAME_LENGTH];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:319:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char mapName[MAX_NAME_LENGTH];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char game[MAX_NAME_LENGTH];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:368:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char updateChallenge[MAX_TOKEN_CHARS];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:369:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char updateInfoString[MAX_INFO_STRING];

data/iortcw-1.51.c+dfsg1/SP/code/client/client.h:385:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
extern char cl_oldGame[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:56:2: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
wchar_t name[256];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:61:2: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
wchar_t identity[256];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:63:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char context[256];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:64:2: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
wchar_t description[2048];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char file[256];

data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:159:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(lm->context, context, len);

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char localName[ MAX_QPATH ];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char altName[ MAX_QPATH ];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.c:62:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
rtn = codec->open(localName);

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.c:99:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
rtn = codec->open(altName);

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.h:63:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
CODEC_OPEN open;

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec_wav.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[5];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec_wav.c:133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dump[16];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char s_backgroundLoop[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char type[4][16];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char mem[2][16];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:174:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(type[0], "16bit");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:175:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(type[1], "adpcm");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:176:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
Risk is low because the source is a constant string.
strcpy(type[2], "daub4");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:177:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(type[3], "mulaw");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:178:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(mem[0], "paged out");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:179:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(mem[1], "resident ");

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:1292:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
rawsamples[dst].left = ((char *)data)[src*2] * intVolumeLeft;

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:1293:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
rawsamples[dst].right = ((char *)data)[src*2+1] * intVolumeRight;

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_local.h:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char soundName[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_local.h:76:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
extern unsigned char s_entityTalkAmplitude[MAX_CLIENTS];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_local.h:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char loop[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_mix.c:258:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char s_entityTalkAmplitude[MAX_CLIENTS];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:134:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:2020:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char s_backgroundLoop[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:2715:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char devicenames[16384] = "";

data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:2834:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char inputdevicenames[16384] = "";

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[2048];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char userinfo[MAX_INFO_STRING];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:423:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( client->ps.weapons, weaponInfo->startingWeapons, sizeof( weaponInfo->startingWeapons ) );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:728:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char loading[4];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:745:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:749:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( !( g_reloading.integer ) && atoi( loading ) == 2 ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.h:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *soundScripts[MAX_AI_EVENT_SOUNDS];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_debug.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char *aifuncs[MAX_AIFUNCS];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_debug.c:176:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cmd[MAX_TOKEN_CHARS];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_events.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char mapname[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_fight.c:271:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy( enemies, sortedEnemies, sizeof( int ) * enemyCount );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_func_boss1.c:345:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *heinrichSounds[MAX_HEINRICH_SOUNDS] = {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:291:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int1 = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:293:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int2 = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:295:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
eInt = atoi( event->params );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:404:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char params[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:605:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy( cs->castScriptEvents, cast_temp_events, sizeof( cast_script_event_t ) * numEventItems );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:461:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char loading[4];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:465:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:515:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
duration = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:713:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->castScriptStatus.scriptNoAttackTime = level.time + atoi( params );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:759:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *pString, *token, tokens[3][MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:804:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
numLoops = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:926:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
endtime = cs->castScriptStatus.castScriptStackChangeTime + atoi( tokens[1] );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1053:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( atoi( token ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1055:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
amt = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1119:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int spillover = atoi( token ) - ammoTable[weapon].maxclip;

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1127:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
g_entities[cs->entityNum].client->ps.ammoclip[weapon] = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1240:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
g_entities[cs->entityNum].client->ps.stats[STAT_ARMOR] += atoi( params );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1676:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
return ( ( cs->castScriptStatus.castScriptStackChangeTime + atoi( token ) ) < level.time );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1724:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *pString, *token, lastToken[MAX_QPATH];

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1734:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
bufferIndex = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1751:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->scriptAccumBuffer[bufferIndex] += atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1756:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( cs->scriptAccumBuffer[bufferIndex] < atoi( token ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1764:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( cs->scriptAccumBuffer[bufferIndex] > atoi( token ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1772:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( cs->scriptAccumBuffer[bufferIndex] != atoi( token ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1780:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( cs->scriptAccumBuffer[bufferIndex] == atoi( token ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1788:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->scriptAccumBuffer[bufferIndex] |= ( 1 << atoi( token ) );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1793:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->scriptAccumBuffer[bufferIndex] &= ~( 1 << atoi( token ) );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1798:52: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( cs->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1806:55: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if ( !( cs->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) ) {

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1814:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->scriptAccumBuffer[bufferIndex] = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1819:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cs->scriptAccumBuffer[bufferIndex] = rand() % atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1904:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
time = atoi( token );

data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1909:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
mof = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1952:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). level.numObjectives = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:1985:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lvl = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2319:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( pch ) ) { // there's a 'time' specified data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2320:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). exitTime = atoi( pch ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2399:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cs->castScriptStatus.scriptNoSightTime = level.time + atoi( params ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2775:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). g_entities[cs->entityNum].health = atoi( params ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2776:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). g_entities[cs->entityNum].client->ps.stats[STAT_HEALTH] = atoi( params ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2812:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2845:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2857:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeupTime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2873:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2901:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeoutTime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2931:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadetime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:2946:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:3021:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char condition[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_sight.c:285:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &clientHeadTags[srcent->s.number], &or, sizeof( orientation_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_think.c:1225:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( move->touchents, pm.touchents, sizeof( pm.touchents ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_think.c:1274:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ucmd, &cs->lastucmd, sizeof( usercmd_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:79:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:106:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:135:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:154:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:166:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:187:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:199:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:219:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:221:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:236:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:267:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char mapname[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:414:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:556:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:579:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( name, "[world]" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:660:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:723:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:766:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:821:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:886:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:939:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:1030:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:177:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &cp->goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestring[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyarea[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addressedto[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:376:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botname[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:473:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE], netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:474:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:589:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:629:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:664:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:665:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:865:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:934:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:993:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1076:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1077:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char goalname[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1245:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &tmpgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1324:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE], teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char enemy[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1432:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag[128], netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:65:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeswitch[MAX_NODESWITCHES + 1][144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:291:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:316:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:364:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:463:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:490:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:540:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:570:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:637:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( buf, " to " ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:677:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( goal, &bs->curpatrolpoint->goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:761:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:818:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( goal, &bs->lead_teamgoal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:1263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skin[128], *p; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:208:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &bs->teamgoal, &ctf_redflag, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:209:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. } else { memcpy( &bs->teamgoal, &ctf_blueflag, sizeof( bot_goal_t ) );} data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128] = {0}; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:554:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:559:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:929:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bs->teamgoal, goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:994:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bestgoal, &goal, sizeof( bot_goal_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1931:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1932:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_INFO_STRING], tmpmodel[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[128], classname[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char targetname[10][128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2228:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char classname[128], model[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2308:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelindex = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botname[MAX_NETNAME], message[MAX_MESSAGE_SIZE], netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2622:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2764:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gender[144], name[144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2765:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2856:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2885:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). modelnum = atoi( model + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:155:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( state, &ent->client->ps, sizeof( playerState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( state, &ent->s, sizeof( entityState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *vars[MAX_MATCHVARIABLES]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *args; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:625:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[144], name[144], gender[144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:655:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bs->settings, settings, sizeof( bot_settings_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:779:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &settings, &bs->settings, sizeof( bot_settings_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:780:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ps, &bs->cur_ps, sizeof( playerState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:800:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &bs->cur_ps, &ps, sizeof( playerState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:801:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &bs->settings, &settings, sizeof( bot_settings_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1051:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[144]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1133:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( buf, "20" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.h:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.h:198:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamleader[MAX_NETNAME]; //netname of the team leader data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.h:208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subteam[32]; //sub team name data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:89:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:129:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:145:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( Info_ValueForKey( buf, "t" ) ) == TEAM_SPECTATOR ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamchat[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], carriername[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:290:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:354:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], carriername[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:439:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:514:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:57:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char defineStrings[10000]; // stores the actual strings data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:593:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animModelInfo->version = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:645:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
animations[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:664:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:671:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].loopFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:691:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:700:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].animBlend = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:715:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
animations[i].priority = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:765:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:768:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:776:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:803:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void BG_ParseConditionBits( char **text_pp, animStringItem_t *stringTable, int condIndex, int result[RESULT_SIZE] ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:807:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char currentString[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1036:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). command->animDuration[partIndex] = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1079:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) > 7 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1080:87: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). BG_AnimParseError( "BG_ParseCommands: showpart number '%d' is too big! (max 8)", atoi( token ) ) ; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1083:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). command->accShowBits &= atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1090:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi( token ) > 7 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1091:87: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). BG_AnimParseError( "BG_ParseCommands: hidepart number '%d' is too big! (max 8)", atoi( token ) ) ; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1094:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). command->accHideBits &= atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1233:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &defineStr[ANIM_COND_ENEMY_WEAPON][0], &defineStr[ANIM_COND_WEAPON][0], sizeof( animStringItem_t ) * MAX_ANIM_DEFINES ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:353:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *) dest)[i] = ((char *) src)[i]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:353:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *) dest)[i] = ((char *) src)[i]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:359:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *) dest)[i] = ((char *) src)[i]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:359:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *) dest)[i] = ((char *) src)[i]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:375:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( (char *)dest )[count] = c; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:380:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void *memcpy( void *dest, const void *src, size_t count ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:382:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
( (char *)dest )[count] = ( (char *)src )[count]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:382:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ( (char *)dest )[count] = ( (char *)src )[count]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:1035:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int atoi( const char *string ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:1694:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char convert[24]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:1811:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconvert[20]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:1812:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fconvert[20]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:101:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int atoi( const char *string ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:112:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void *memcpy( void *dest, const void *src, size_t count ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_misc.c:4348:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_public.h:1060:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_public.h:1233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *world_model[MAX_ITEM_MODELS]; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_public.h:1639:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char modelname[MAX_QPATH]; // name of the model data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_botInfos[MAX_BOTS][MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_arenaInfos[MAX_ARENAS][MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:417:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:478:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:483:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings.skill = atoi( Info_ValueForKey( userinfo, "skill" ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:514:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:649:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:650:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:651:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:670:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skill = Com_Clamp( 1, 5, atoi( string ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_bot.c:681:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). delay = atoi( string ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1213:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char text[100000]; // <- was causing callstacks >64k data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH], modelname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1313:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( userinfo, "\\name\\badinfo" ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1320:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( s ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1328:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( !atoi( s ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1336:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( s ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1361:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->pers.maxHealth = atoi( Info_ValueForKey( userinfo, "handicap" ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:1492:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:2056:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). anim->moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_client.c:2063:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
anim->stepGap = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1000]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:127:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:129:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:139:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( line + len, arg, tlen ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cleanName[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:192:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:265:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). amount = atoi( amt ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:708:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.playerType = atoi( ptype ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:709:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.playerWeapon = atoi( weap ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:710:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
client->sess.playerPistol = atoi( pistol ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:711:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.playerItem = atoi( grenade ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:712:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->sess.playerSkin = atoi( skinnum ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:741:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:742:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptype[4], weap[4], pistol[4], grenade[4], skinnum[4]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:793:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:955:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:957:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SAY_TEXT]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:958:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[64]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1069:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1121:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi( arg ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg2[MAX_STRING_TOKENS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1298:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:1378:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2028:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2036:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entnum = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2039:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). enemynum = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2042:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char arg[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:2135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_func_decs.h:525:69: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). extern void trap_AdjustAreaPortalState ( gentity_t * ent , qboolean open ) ; data/iortcw-1.51.c+dfsg1/SP/code/game/g_func_decs.h:1201:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void BG_ParseConditionBits ( char * * text_pp , animStringItem_t * stringTable , int condIndex , int result [ 2 ] ) ; data/iortcw-1.51.c+dfsg1/SP/code/game/g_items.c:1133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_ITEMS + 1]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_NETNAME]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:644:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:645:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteDisplayString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:653:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamVoteString[2][MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:662:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *spawnVars[MAX_SPAWN_VARS][2]; // key / value pairs data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:664:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char spawnVarChars[MAX_SPAWN_VARS_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:722:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nextMap[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:1024:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char characterfile[MAX_FILEPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_local.h:1189:62: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:334:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:941:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1032:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1033:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1225:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char serverinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1269:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[10]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1385:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1396:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1858:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nextmap[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1859:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d1[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1928:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_mem.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[POOLSIZE]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1059:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:2429:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_mover.c:4378:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->damage = atoi( damage ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_mover.c:4435:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:3238:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->s.frame = atoi( startonframe ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_props.c:3250:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->props_frame_state = atoi( loop ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:67:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char musicString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char funcStr[512]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:517:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( out + outcount, &count, SAVE_ENCODE_COUNT_BYTES ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:525:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( out + outcount, raw + oldrawcount, count ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:547:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &count, in + incount, SAVE_ENCODE_COUNT_BYTES ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:556:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( out + outcount, in + incount, count ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:645:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ( (byte *)&temp ) + ifield->ofs, ( (byte *)client ) + ifield->ofs, ifield->len ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:649:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( client, &temp, size ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:810:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ( (byte *)&temp ) + ifield->ofs, ( (byte *)ent ) + ifield->ofs, ifield->len ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:823:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ent, &temp, size ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:968:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( ( (byte *)&temp ) + ifield->ofs, ( (byte *)cs ) + ifield->ofs, ifield->len ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:972:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cs, &temp, size ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:981:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cs->bs->cur_ps, &g_entities[cs->entityNum].client->ps, sizeof( playerState_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1048:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *monthStr[12] = data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1071:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char infoString[SAVE_INFOSTRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1091:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1092:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mapstr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1093:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char leveltime[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1094:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char healthstr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapstr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1786:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1849:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapstr[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:185:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int1 = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:187:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int2 = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:189:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). eInt = atoi( event->params ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char params[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:480:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ent->scriptEvents, g_temp_events, sizeof( g_script_event_t ) * numEventItems ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:495:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &scriptStatusBackup, &ent->scriptStatus, sizeof( g_script_status_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:506:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &ent->scriptStatus, &scriptStatusBackup, sizeof( g_script_status_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:263:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, name[MAX_QPATH], trigger[MAX_QPATH], *token; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:329:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sound[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:370:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeupTime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:414:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadeoutTime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:444:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fadetime = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:459:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:485:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, *token, tokens[2][MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:508:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startframe = atoi( tokens[0] ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:509:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). endframe = atoi( tokens[1] ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:534:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). endtime = ent->scriptStatus.scriptStackChangeTime + atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:545:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rate = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:638:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pString, *token, lastToken[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:648:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bufferIndex = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:665:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] += atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:670:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] < atoi( token ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:678:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] > atoi( token ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:686:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] != atoi( token ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:694:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] == atoi( token ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:702:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ent->scriptAccumBuffer[bufferIndex] |= ( 1 << atoi( token ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:707:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] &= ~( 1 << atoi( token ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:712:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ent->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:720:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !( ent->scriptAccumBuffer[bufferIndex] & ( 1 << atoi( token ) ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:728:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:733:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->scriptAccumBuffer[bufferIndex] = rand() % atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:756:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:761:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mof = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:811:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lvl = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:885:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). angles[i] = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:895:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1194:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1204:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1227:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1237:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1278:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1311:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1321:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1356:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
num = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1366:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1515:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->health = atoi( params ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_session.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_session.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_session.c:190:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
gt = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:71:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *out = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:793:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *( int * )( b + f->ofs ) = atoi( value ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:890:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, string, l + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:908:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:909:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:110:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b[i] = atoi( num ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iplist_final[MAX_CVAR_VALUE_STRING] = {0}; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[64] = {0}; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:239:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:285:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:398:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:465:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_syscalls.c:188:59: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_syscalls.c:189:44: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). syscall( G_ADJUST_AREA_PORTAL_STATE, ent, open ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:1103:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->start_size = atoi( rampup ) * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_target.c:1109:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self->end_size = atoi( rampdown ) * 1000; data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msg[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:759:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:760:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1400]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:932:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numspawntargets[128]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:935:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_tramcar.c:688:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newShader[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:69:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[MAX_STRING_CHARS * 4]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[( MAX_QPATH * 2 ) + 5]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:337:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char str[8][32]; data/iortcw-1.51.c+dfsg1/SP/code/game/g_utils.c:350:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[8][64]; data/iortcw-1.51.c+dfsg1/SP/code/null/null_glimp.c:57:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/SP/code/null/null_glimp.c:57:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/SP/code/null/null_glimp.c:57:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) { data/iortcw-1.51.c+dfsg1/SP/code/null/null_main.c:59:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
return fopen( ospath, mode ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cm_local.h:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cm_public.h:70:70: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void CM_AdjustAreaPortalState( int area1, int area2, qboolean open ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cm_test.c:398:66: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void CM_AdjustAreaPortalState( int area1, int area2, qboolean open ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cm_test.c:407:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:61:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cmd_wait = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &cmd_text.data[cmd_text.cmdsize], text, l ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:134:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( cmd_text.data, text, len - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_CMD_LINE]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:233:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( line, text, i ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:353:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char *cmd_argv[MAX_STRING_TOKENS]; // points into cmd_tokenized data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:354:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_tokenized[BIG_INFO_STRING + MAX_STRING_TOKENS]; // will have 0 bytes inserted data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:355:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_cmd[BIG_INFO_STRING]; // the original command we received (no token processing) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:401:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_args[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:423:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cmd_args[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *com_argv[MAX_NUM_ARGVS + 1]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:139:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com_errorMessage[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:259:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:453:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *com_consoleLines[MAX_CONSOLE_LINES]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:578:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:579:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:653:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:747:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_filter[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:748:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1047:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1078:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[4096]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2033:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_cdkey[34] = " "; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2035:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cl_cdkey[34] = "123456789"; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2045:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[33]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2075:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[33]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2076:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuffer[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[17]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2497:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2601:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2947:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char shortestMatch[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3002:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[ TRUNCATE_LENGTH ]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:219:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s[ MAX_CVAR_VALUE_STRING ]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:449:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->integer = atoi( var->string ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:619:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->integer = atoi( var->string ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:670:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char val[32]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[32]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:919:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:1235:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:1257:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakPathname[MAX_OSPATH]; // c:\quake3\baseq3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:251:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakFilename[MAX_OSPATH]; // c:\quake3\baseq3\pak0.pk3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:252:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakBasename[MAX_OSPATH]; // pak0 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:253:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakGamename[MAX_OSPATH]; // baseq3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:265:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_OSPATH]; // c:\quake3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[MAX_OSPATH]; // c:\quake3\baseq3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:267:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gamedir[MAX_OSPATH]; // baseq3 data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:277:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fs_gamedir[MAX_OSPATH]; // this will be a single file name with no separators data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:319:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_ZPATH]; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:331:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *fs_serverPakNames[MAX_SEARCH_PATHS]; // pk3 names data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:337:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *fs_serverReferencedPakNames[MAX_SEARCH_PATHS]; // pk3 names data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:340:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char lastValidBase[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:341:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastValidComBaseGame[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:342:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastValidFsBaseGame[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:343:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastValidGame[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:541:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ospath[2][MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:567:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1231:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f1 = fopen( s1, "rb" );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1236:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f2 = fopen( s2, "rb" );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1330:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  protocol = atoi(ext_test + ARRAY_LEN(DEMOEXT));
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1688:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dllName[MAX_OSPATH], qvmName[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1903:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[MAXPRINTMSG];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2300:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename_inzip[MAX_ZPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2478:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int FS_AddFileToList( char *name, char *list[MAX_FOUND_FILES], int nfiles ) {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2478:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int FS_AddFileToList( char *name, char *list[MAX_FOUND_FILES], int nfiles ) {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2506:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *list[MAX_FOUND_FILES];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2514:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zpath[MAX_ZPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2766:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char descPath[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2803:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3212:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char curpath[MAX_OSPATH + 1], *pakfile;
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *sorted[MAX_PAKFILES];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3261:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sorted[i],"zz",2 );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3275:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sorted[i],"sp",2 );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3441:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char st[MAX_ZPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3820:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorText[MAX_STRING_CHARS] = "";
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3821:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char missingPaks[MAX_STRING_CHARS] = "";
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3964:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorText[MAX_STRING_CHARS] = "";
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3996:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4022:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4052:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4078:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4109:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4143:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char info[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4210:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fs_serverPaks[i] = atoi( Cmd_Argv( i ) );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4257:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fs_serverReferencedPaks[i] = atoi( Cmd_Argv( i ) );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4495:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[ MAX_STRING_CHARS ];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/json.h:300:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cValue[256];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/json.h:317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cValue[256];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/json.h:334:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cValue[256];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:23:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char in[64];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:187:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, buf, len);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:190:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, buf, t);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:199:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ctx->in, buf, 64);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:208:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ctx->in, buf, len);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:255:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(digest, ctx->buf, 16);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:262:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char final[33] = {""};
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/md5.c:263:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[16] = {""};
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:321:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:347:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:450:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:480:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:510:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[MAX_STRING_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *netsrcString[2] = {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:375:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( chan->fragmentBuffer + chan->fragmentLength,
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:397:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( msg->data + 4, chan->fragmentBuffer, chan->fragmentLength );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:459:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( net_message->data, loop->msgs[i].data, loop->msgs[i].datalen );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:477:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( loop->msgs[i].data, data, length );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:578:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_MSGLEN];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:633:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base[MAX_STRING_CHARS], *search;
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:684:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  a->port = BigShort((short) atoi(port));
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifname[IF_NAMESIZE];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:319:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sadr, search->ai_addr, search->ai_addrlen);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:458:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s[NET_ADDRSTRMAXLEN];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:478:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s[NET_ADDRSTRMAXLEN];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:636:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char socksBuf[4096];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:672:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &socksBuf[10], data, length );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addrbuf[NET_ADDRSTRMAXLEN];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1072:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[64];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1160:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy( &buf[2], net_socksUsername->string, ulen );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1164:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &buf[3 + ulen], net_socksPassword->string, plen );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1264:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&localIP[numIP].addr, addr, addrlen);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1265:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&localIP[numIP].netmask, netmask, addrlen);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1296:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[256];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:352:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char com_token[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:353:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char com_parsename[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:420:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[4096];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:436:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[4096];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char temp_buffer[MAX_VA_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1191:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[MAX_VA_STRING]; // in case va is called by nested functions
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1210:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( buf, temp_buffer, len + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1309:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pkey[BIG_INFO_KEY];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1310:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char value[2][BIG_INFO_VALUE]; // use two buffers so compares
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1410:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pkey[MAX_INFO_KEY];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1411:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[MAX_INFO_VALUE];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1468:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pkey[BIG_INFO_KEY];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[BIG_INFO_VALUE];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1548:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newi[MAX_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1588:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newi[BIG_INFO_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:397:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define Com_Memcpy memcpy
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:860:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_TOKENLENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:1099:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_CVAR_VALUE_STRING];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:1279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stringData[MAX_GAMESTATE_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:1703:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shaderName[32];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.h:1709:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:799:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_EDIT_LINE];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qcommon.h:820:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char cl_cdkey[34];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // tag name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // tag name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:326:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:327:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:357:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:362:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char Comp[24]; // MC_COMP_BYTES is in MatComp.h, but don't want to couple
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:380:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // polyset name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:445:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:499:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // name of tag
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:507:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // name of bone
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:518:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH]; // model name
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:637:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/qfiles.h:682:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shader[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:97:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char text[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:229:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symbols[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:550:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:590:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:1002:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen("syscalls.log", "w" );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:108:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:179:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:257:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("code.bin", O_TRUNC|O_WRONLY|O_CREAT, 0644);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:263:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(vm->codeBase+vm->codeLength, &isn, 4);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:668:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[4];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:677:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(arg.b, &code[pc], 4);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_armv7l.c:1184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_interpreted.c:26:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_interpreted.c:139:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&word, addr, 4);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_local.h:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symName[1]; // variable sized
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_local.h:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc.c:196:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc.c:486:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &(di_now->code[0]), is, iBytes );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc.c:1839:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( codeNow, &(di_now->code[0]), di_now->length * sizeof( ppc_instruction_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc.c:2034:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[4];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc.c:2104:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_powerpc_asm.c:64:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char operands[8];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:60:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char args[4];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:412:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char vm_opInfo[256] =
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:482:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *opnames[256] = {
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:696:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&dp->code[0], fp->insn_buf, insns_size);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:837:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(currentVM->dataBase+dest, currentVM->dataBase+src, count);
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:1466:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(code_now, &dp->code[0], dp->length * sizeof(unsigned int));
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:1603:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[4];
data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm_sparc.c:1655:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( argPointer, args, 4 * MAX_VMMAIN_ARGS );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_animation.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char validBones[MDS_MAX_BONES];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_animation.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char newBones[ MDS_MAX_BONES ];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_animation.c:1028:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( bonePtr->matrix, tmpAxis, sizeof( tmpAxis ) );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_animation.c:1040:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( oldBones, bones, sizeof( bones[0] ) * header->numBones );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_backend.c:513:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *zombieFxFleshHitSurfaceNames[2] = {"u_body","l_legs"};
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_backend.c:2221:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:173:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void ColorToRGBM(const vec3_t color, unsigned char rgbm[4])
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:325:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:385:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(color, &buf_p[j*12], 12);
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:592:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dest, buf + 8, len - 8 );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:1958:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2211:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( out, in, count * sizeof( *out ) );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2545:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( w->lightGridData, ( void * )( fileBase + l->fileofs ), l->filelen );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2556:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2623:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2624:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2725:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  qboolean R_ParseSpawnVars( char *spawnVarChars, int maxSpawnVarChars, int *numSpawnVars, char *spawnVars[MAX_SPAWN_VARS][2] )
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2725:90: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  qboolean R_ParseSpawnVars( char *spawnVarChars, int maxSpawnVarChars, int *numSpawnVars, char *spawnVars[MAX_SPAWN_VARS][2] )
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2727:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2728:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char com_token[MAX_TOKEN_CHARS];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2798:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2845:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *cubemapJson, *keyValueJson, *indexes[3];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2870:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spawnVarChars[2048];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2872:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *spawnVars[MAX_SPAWN_VARS][2];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2899:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2977:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:3225:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileName[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:3240:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fileName, "primarylg%d.tga", i);
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_curve.c:386:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( grid->widthLodError, errorTable[0], width * 4 );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_curve.c:389:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( grid->heightLodError, errorTable[1], height * 4 );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_curve.c:399:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( grid->widthLodError, errorTable[0], width * 4 );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_curve.c:402:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( grid->heightLodError, errorTable[1], height * 4 );
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_extensions.c:152:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[256];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_fbo.h:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_font.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:170:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char msgPart[1024];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:413:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:491:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uniformName[1000];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:590:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vpCode[32000];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:591:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fpCode[32000];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extradefines[1024];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:41:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char s_gammatable[256];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:2366:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localName[ MAX_QPATH ];
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:2383:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ddsName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:2508:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char normalName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3038:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char surfName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3382:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( skin->surfaces, parseSurfaces, skin->numSurfaces * sizeof( skinSurface_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3559:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
qboolean R_CropImage( char *name, byte **pic, int border, int *width, int *height, int lastBox[2] ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3899:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], outfilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3930:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3942:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3952:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3994:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3994:98: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3994:124: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_bmp.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[2]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_bmp.c:42:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[256][4]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_jpg.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_jpg.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_pcx.c:41:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[48]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_pcx.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filler[54]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_png.c:693:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CompressedDataPtr, OrigCompressedData, Length); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:83:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_index, &buf_p[3], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&targa_header.colormap_length, &buf_p[5], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.x_origin, &buf_p[8], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:87:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.y_origin, &buf_p[10], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.width, &buf_p[12], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:89:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.height, &buf_p[14], 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:295:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (flip, src, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:296:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (src, dst, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image_tga.c:297:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (dst, flip, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[64]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:391:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_ENUM" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:394:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_VALUE" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:397:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_OPERATION" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:400:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_OVERFLOW" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:403:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( s, "GL_STACK_UNDERFLOW" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:406:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_OUT_OF_MEMORY" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:676:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fileName[MAX_OSPATH]; // bad things if two screenshots per frame? data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:753:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:824:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:877:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:1131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgName[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:488:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:804:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:839:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:880:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:888:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc. data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:889:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; // lower.md3, belt1.md3, etc. 
data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:893:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // ie: maps/tim_dm2.bsp data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1251:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[MAX_QPATH]; // ie: tim_dm2 data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; // tag name data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1336:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // polyset name data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:1382:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:2256:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:2257:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char green[256], data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_local.h:2258:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256] ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:118:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:121:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:150:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:153:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:748:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:753:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_main.c:791:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_marks.c:95:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( outPoints, inPoints, numInPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], namebuf[MAX_QPATH+20]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:337:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:339:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:993:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1001:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1005:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1009:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1020:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1024:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1028:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1032:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1473:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1481:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1485:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1489:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1500:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->xyz, sizeof(vec3_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1504:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &st->st, sizeof(vec2_t)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1508:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &v->normal, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1512:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &v->tangent, sizeof(int16_t) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1947:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mds, buffer, LittleLong( pinmodel->ofsEnd ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:2280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tagName[MAX_QPATH]; //, *ch; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meshName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:980:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &iqmData->positions[vtx*3], sizeof(float) * 3); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:984:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &iqmData->texcoords[vtx*2], sizeof(float) * 2); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:998:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendIndexes[vtx*4], sizeof(byte) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:1003:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendWeights.f[vtx*4], sizeof(float) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:1006:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &blendWeights.b[vtx*4], sizeof(byte) * 4); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_scene.c:156:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->verts, verts, numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_scene.c:232:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->verts, &verts[numVerts * j], numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:1274:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = ""; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:1500:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *suf[6] = {"rt", "bk", "lf", "ft", "up", "dn"}; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:1501:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:1981:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fogString[64]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:2347:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char normalName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:2393:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char specularName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:2889:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newShader->stages[i]->bundle[b].texMods, stages[i].bundle[b].texMods, size ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3356:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3841:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffers[MAX_SHADER_FILES] = {NULL}; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3846:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3865:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3873:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ext, ".mtr"); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_subs.c:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_subs.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:273:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].xyz, sizeof(verts[i].xyz)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:277:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data + dataOfs, &verts[i].normal, sizeof(verts[i].normal)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].tangent, sizeof(verts[i].tangent)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:285:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].st, sizeof(verts[i].st)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].lightmap, sizeof(verts[i].lightmap)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:293:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].color, sizeof(verts[i].color)); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:297:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + dataOfs, &verts[i].lightdir, sizeof(verts[i].lightdir)); data/iortcw-1.51.c+dfsg1/SP/code/renderer/iqm.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[16]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_animation.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char validBones[MDS_MAX_BONES]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_animation.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char newBones[ MDS_MAX_BONES ]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_animation.c:1023:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( bonePtr->matrix, tmpAxis, sizeof( tmpAxis ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_animation.c:1035:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( oldBones, bones, sizeof( bones[0] ) * header->numBones ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_backend.c:582:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *zombieFxFleshHitSurfaceNames[2] = {"u_body","l_legs"}; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:266:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, buf + 8, len - 8 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:1705:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( out, in, count * sizeof( *out ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2038:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( w->lightGridData, ( void * )( fileBase + l->fileofs ), l->filelen ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2055:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_curve.c:311:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->widthLodError, errorTable[0], width * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_curve.c:314:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->heightLodError, errorTable[1], height * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_curve.c:320:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( grid->widthLodError, errorTable[0], width * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_curve.c:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( grid->heightLodError, errorTable[1], height * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_font.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:39:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char s_gammatable[256]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:472:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( in, temp, outWidth * outHeight * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1071:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( scaledBuffer, data, width * height * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1087:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( scaledBuffer, data, width * height * 4 ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1295:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1761:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1958:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char surfName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2105:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( skin->surfaces, parseSurfaces, skin->numSurfaces * sizeof( skinSurface_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2282:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
qboolean R_CropImage( char *name, byte **pic, int border, int *width, int *height, int lastBox[2] ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2620:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], outfilename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2651:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2663:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2673:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pic, temppic, sizeof( unsigned int ) * newWidth * newHeight ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2715:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2715:98: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:2715:124: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). R_CropAndNumberImagesInDirectory( ri.Cmd_Argv( 1 ), ri.Cmd_Argv( 2 ), atoi( ri.Cmd_Argv( 3 ) ), atoi( ri.Cmd_Argv( 4 ) ), atoi( ri.Cmd_Argv( 5 ) ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_bmp.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[2]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_bmp.c:42:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[256][4]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_jpg.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_jpg.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_pcx.c:41:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[48]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_pcx.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filler[54]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_png.c:693:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(CompressedDataPtr, OrigCompressedData, Length); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:83:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.colormap_index, &buf_p[3], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&targa_header.colormap_length, &buf_p[5], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.x_origin, &buf_p[8], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:87:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.y_origin, &buf_p[10], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.width, &buf_p[12], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:89:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&targa_header.height, &buf_p[14], 2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:295:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (flip, src, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:296:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (src, dst, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image_tga.c:297:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (dst, flip, columns*4); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[64]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:316:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_ENUM" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:319:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_VALUE" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:322:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_INVALID_OPERATION" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:325:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_STACK_OVERFLOW" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:328:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy( s, "GL_STACK_UNDERFLOW" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:331:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s, "GL_OUT_OF_MEMORY" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:613:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fileName[MAX_OSPATH]; // bad things if two screenshots per frame? data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:690:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:761:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:814:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char checkname[MAX_OSPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:1035:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgName[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:495:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:532:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MAX_QPATH]; // md3_lower, md3_lbelt, md3_rbelt, etc. data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:533:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; // lower.md3, belt1.md3, etc. data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:537:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // game path, including extension data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:746:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:810:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; // ie: maps/tim_dm2.bsp data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:811:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseName[MAX_QPATH]; // ie: tim_dm2 data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:865:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:1471:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:1472:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char green[256], data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_local.h:1473:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256] ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:236:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:239:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:263:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[FOG_CURRENT], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:268:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_LAST], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:271:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_TARGET], &glfogsettings[glfogNum], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:639:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:644:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_main.c:682:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &glfogsettings[FOG_CURRENT], &glfogsettings[FOG_TARGET], sizeof( glfog_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_marks.c:95:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( outPoints, inPoints, numInPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH], namebuf[MAX_QPATH+20]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:356:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altName[ MAX_QPATH ]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:773:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( ( md3Frame_t * )( (byte *)mdc + mdc->ofsFrames ), ( md3Frame_t * )( (byte *)md3 + md3->ofsFrames ), mdcHeader.numFrames * sizeof( md3Frame_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:776:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( ( mdcTagName_t * )( (byte *)mdc + mdc->ofsTagNames ) + j, ( ( md3Tag_t * )( (byte *)md3 + md3->ofsTags ) + j )->name, sizeof( mdcTagName_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:821:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsTriangles, (byte *)surf + surf->ofsTriangles, cSurf->numTriangles * sizeof( md3Triangle_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:823:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsShaders, (byte *)surf + surf->ofsShaders, cSurf->numShaders * sizeof( md3Shader_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:825:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsSt, (byte *)surf + surf->ofsSt, cSurf->numVerts * sizeof( md3St_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:833:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (byte *)cSurf + cSurf->ofsXyzNormals + ( sizeof( md3XyzNormal_t ) * cSurf->numVerts * i ), data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:902:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy( mod->mdc[lod], buffer, LittleLong( pinmodel->ofsEnd ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:1115:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mod->md3[lod], buffer, LittleLong( pinmodel->ofsEnd ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:1653:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mds, buffer, LittleLong( pinmodel->ofsEnd ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:2067:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tagName[MAX_QPATH]; //, *ch; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model_iqm.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meshName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_scene.c:152:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->verts, verts, numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_scene.c:228:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( poly->verts, &verts[numVerts * j], numVerts * sizeof( *verts ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade.c:355:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx, input->xyz[i], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade.c:356:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+1, temp, sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade.c:739:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tess.svars.colors, tess.vertexColors, tess.numVertexes * sizeof( tess.vertexColors[0] ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade.c:748:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( tess.svars.colors, tess.vertexColors, tess.numVertexes * sizeof( tess.vertexColors[0] ) ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade_calc.c:669:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char invModulate[4]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:968:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024] = ""; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:1194:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *suf[6] = {"rt", "bk", "lf", "ft", "up", "dn"}; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:1195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:1639:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fogString[64]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2152:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newShader->stages[i]->bundle[b].texMods, stages[i].bundle[b].texMods, size ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2545:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2604:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strippedName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffers[MAX_SHADER_FILES] = {NULL}; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3135:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:404:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(tex+idx*2, s_skyTexCoords[t][s], sizeof(GLfloat)*2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:405:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+idx*3, s_skyPoints[t][s], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:407:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tex+idx*2, s_skyTexCoords[t+1][s], sizeof(GLfloat)*2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:408:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+idx*3, s_skyPoints[t+1][s], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:471:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tex+idx*2, s_skyTexCoords[t][s], sizeof(GLfloat)*2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:472:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+idx*3, s_skyPoints[t][s], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:474:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tex+idx*2, s_skyTexCoords[t+1][s], sizeof(GLfloat)*2); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_sky.c:475:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(vtx+idx*3, s_skyPoints[t+1][s], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_subs.c:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_subs.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_surface.c:364:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+i*6, start_points[ i % NUM_BEAM_SEGS], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_surface.c:365:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vtx+i*6+3, end_points[ i % NUM_BEAM_SEGS], sizeof(GLfloat)*3); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_types.h:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_types.h:292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char renderer_string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_types.h:293:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor_string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_types.h:294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_string[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_types.h:295:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extensions_string[4 * MAX_STRING_CHARS]; // this is actually too short for many current cards/drivers // (SA) doubled from 2x to 4x MAX_STRING_CHARS data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_gamma.c:39:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_gamma.c:39:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_gamma.c:39:81: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void GLimp_SetGamma( unsigned char red[256], unsigned char green[256], unsigned char blue[256] ) data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ MAX_STRING_CHARS ] = { 0 }; data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:348:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char profile[6]; // ES, ES-CM, or ES-CL data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_icon.h:7:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pixel_data[128 * 128 * 4]; data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_input.c:454:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16384] = ""; data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_snd.c:86:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stream, dma.buffer + pos, len1); data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_snd.c:91:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stream+len1, dma.buffer, len2); data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *configstrings[MAX_CONFIGSTRINGS]; data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clientCommandString[MAX_STRING_CHARS]; // valid command string for SV_Netchan_Encode data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:154:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; // name, etc data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastClientCommandString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; // extracted from userinfo, high bits masked data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadName[MAX_QPATH]; // if not empty string, we are downloading data/iortcw-1.51.c+dfsg1/SP/code/server/server.h:181:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *downloadBlocks[MAX_DOWNLOAD_WINDOW]; // the buffers for the download blocks data/iortcw-1.51.c+dfsg1/SP/code/server/sv_bot.c:177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_bot.c:379:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( poly->points, points, numPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_bot.c:396:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( poly->points, points, numPoints * sizeof( vec3_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cleanName[64]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:72:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int plid = atoi(s); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:136:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char smapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expanded[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:182:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char savemap[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:347:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). delay = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:361:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:486:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAX_QPATH], mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:844:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:896:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). serverBans[index].subnet = atoi(maskpos); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:930:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:939:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char writebuf[128]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1002:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
*mask = atoi(suffix); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1034:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addy2[NET_ADDRSTRMAXLEN]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1089:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mask = atoi(Cmd_Argv(2)); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1227:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). todel = atoi(Cmd_Argv(1)); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1445:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1457:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( text, "console: " ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1478:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1497:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (text, "console_tell: "); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:114:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clientChallenge = atoi(Cmd_Argv(1)); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:237:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:334:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char userinfo[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:363:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(Info_ValueForKey(userinfo, "protocol")); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:380:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). qport = atoi( Info_ValueForKey( userinfo, "qport" ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:381:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). challenge = atoi( Info_ValueForKey( userinfo, "challenge" ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:891:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int block = atoi( Cmd_Argv( 1 ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:940:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char errorMessage[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:941:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pakbuf[MAX_QPATH], *pakptr; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1252:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !pArg || *pArg == '@' || atoi( pArg ) != nChkSum1 ) { data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1258:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !pArg || *pArg == '@' || atoi( pArg ) != nChkSum2 ) { data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1270:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nClientChkSum[i] = atoi( Cmd_Argv( nCurArg++ ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1305:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nServerChkSum[i] = atoi( Cmd_Argv( i ) ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1386:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( val ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1399:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( val ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1409:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( val ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1479:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int id = atoi(idstr); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1831:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packet->data, encoded, packetsize); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:131:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ent->s.modelindex = atoi( name + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:209:62: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void SV_AdjustAreaPortalState( sharedEntity_t *ent, qboolean open ) { data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:216:61: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). CM_AdjustAreaPortalState( svEnt->areanum, svEnt->areanum2, open ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:847:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( VMA( 1 ), VMA( 2 ), args[3] ); data/iortcw-1.51.c+dfsg1/SP/code/server/sv_init.c:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_init.c:690:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char systemInfo[16384]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:96:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char player[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[MAX_MSGLEN]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:564:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infostring[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:627:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infostring[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:739:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remaining[1024]; data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:741:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sv_outputbuf[SV_OUTPUTBUF_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/splines/math_matrix.h:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mat, src, sizeof( *src ) ); data/iortcw-1.51.c+dfsg1/SP/code/splines/math_vector.cpp:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[ 8 ][ 36 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/math_vector.cpp:149:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( s, "%.2f %.2f %.2f", x, y, z ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parseFile[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[32000]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[32000]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:347:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pi->token, *punc, l ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:463:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:358:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char com_token[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:359:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_parsename[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:419:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:435:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1159:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char temp_buffer[MAX_VA_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1160:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char string[MAX_VA_STRING]; // in case va is called by nested functions data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( buf, temp_buffer, len + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1279:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char value[2][BIG_INFO_VALUE]; // use two buffers so compares data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1379:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[MAX_INFO_KEY]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1438:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1517:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[BIG_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:381:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define Com_Memcpy memcpy data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:846:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[MAX_TOKENLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_CVAR_VALUE_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1312:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stringData[MAX_GAMESTATE_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1736:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[32]; data/iortcw-1.51.c+dfsg1/SP/code/splines/q_splineshared.h:1742:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:586:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). loadCamera( atoi( param1 ), va( (char *)"cameras/%s.camera", param2 ) ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:960:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = static_cast<idCameraEvent::eventType>( atoi( token ) ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:964:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1076:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1095:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atol( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1098:55: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = static_cast<idCameraPosition::positionType>( atoi( token ) ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1101:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long t = atol( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1103:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long d = atol( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:1115:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:257:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:261:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf( text, "%f", b ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:276:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", b ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:287:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:291:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%u", b ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:303:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf( text, "%f", a ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:315:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", a ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:325:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 20 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:327:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%u", a ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[0x10000]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[ 32 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:252:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%.3f", num ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 32 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:266:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%d", num ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 32 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:280:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( text, "%u", num ); data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:502:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[ 2 ]; data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[ 2 ]; data/iortcw-1.51.c+dfsg1/SP/code/sys/con_log.c:29:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char consoleLog[ MAX_LOG ]; data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:336:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char text[MAX_EDIT_LINE]; data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char qconsole_history[ QCONSOLE_HISTORY ][ MAX_EDIT_LINE ]; data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  static char qconsole_line[ MAX_EDIT_LINE ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:492:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[ MAXPRINTMSG ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:50:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char binaryPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:51:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char installPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:218:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( ( f = fopen( pidFile, "r" ) ) != NULL )
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:220:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pidBuffer[ 64 ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:228:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi( pidBuffer );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:240:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( ( f = fopen( pidFile, "w" ) ) != NULL )
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:259:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[1024];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:260:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modName[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:356:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[ MAXPRINTMSG ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:435:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:455:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:526:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char libPath[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:692:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char commandLine[ MAX_STRING_CHARS ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:45:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char homePath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:52:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char steamPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:55:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char gogPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:200:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( "/dev/urandom", "r" );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:277:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen( ospath, mode );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:315:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fifo = fopen( ospath, "w+" );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:332:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:360:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH], newsubdirs[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:361:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:420:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:423:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *list[MAX_FOUND_FILES];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:580:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:612:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = open( ospath, O_CREAT | O_TRUNC | O_WRONLY, 0640 );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:631:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char execBuffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:633:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *execArgv[ 16 ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1012:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char exit_cmdline[MAX_CMD] = "";
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1087:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[20];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1088:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:1089:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[MAX_CMD];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:47:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char homePath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:51:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char steamPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:54:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char gogPath[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:101:2: [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szPath[MAX_PATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:280:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s_userName[1024];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:284:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( s_userName, "player" );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:288:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( s_userName, "player" );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:315:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char base[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:345:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char dir[ MAX_OSPATH ] = { 0 };
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:373:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen( ospath, mode );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:409:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cwd[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:434:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH], newsubdirs[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:435:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:514:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search[MAX_OSPATH];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:517:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *list[MAX_FOUND_FILES];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:687:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[ 1024 ];
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:895:2: [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szPathOrig[MAX_PATH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:44:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char com_token[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:48:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char archivedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:60:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ex_argv[MAX_EX_ARGC];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:68:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:69:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filebase[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:119:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:120:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text2[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:180:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[4096];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:217:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char qdir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:218:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gamedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:219:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char writedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:223:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:300:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:314:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:327:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char full[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:341:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char archivename[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:644:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[MAX_PATH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:651:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen(fn, mode);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:724:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)buffer)[length] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:784:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *)buffer)[length] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:831:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[128];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:886:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dest, path, src-path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:967:9: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atol (str);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:1089:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:1109:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dir, path, ofs - path );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:49:28: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #pragma intrinsic( memset, memcpy )
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:81:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char qdir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:82:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gamedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:83:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char writedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:120:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char com_token[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.h:134:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char archivedir[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:31:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputFilename[MAX_OS_PATH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:190:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *asmFiles[MAX_ASM_FILES];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:191:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *asmFileNames[MAX_ASM_FILES];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:208:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lineBuffer[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:210:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:540:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:595:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:669:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( lineBuffer, data, (p - data) );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:733:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sym[MAX_LINE_LENGTH];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:743:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sym, token, i );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:766:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( sym, token+i+1, j-i-1 );
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:923:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1067:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1317:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char imageName[MAX_OS_PATH]; data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1322:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( imageName, ".map" ); data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1347:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imageName[MAX_OS_PATH]; data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1356:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( imageName, ".qvm" ); data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1427:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_OS_PATH]; data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expanded[MAX_OS_PATH]; data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:1552:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( outputFilename, "q3asm" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXPRINTMSG]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:125:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:134:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char buffer[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gameList[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:275:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:286:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:302:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.accuracy = atoi( UI_Argv( 3 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:303:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.impressives = atoi( UI_Argv( 4 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:304:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.excellents = atoi( UI_Argv( 5 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:305:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.defends = atoi( UI_Argv( 6 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:306:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.assists = atoi( UI_Argv( 7 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:307:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.gauntlets = atoi( UI_Argv( 8 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:308:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.baseScore = atoi( UI_Argv( 9 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:309:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.perfects = atoi( UI_Argv( 10 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:310:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.redScore = atoi( UI_Argv( 11 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:311:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.blueScore = atoi( UI_Argv( 12 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:312:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi( UI_Argv( 13 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:313:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.captures = atoi( UI_Argv( 14 ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:404:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:405:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:406:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_botInfos[MAX_BOTS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_arenaInfos[MAX_ARENAS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:95:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( token, "<NULL>" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_ARENAS_TEXT]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:165:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( filename, "scripts/" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:239:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_BOTS_TEXT]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:289:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( filename, "scripts/" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:229:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_EDIT_LINE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:706:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *teamMembers[TEAM_MEMBERS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:733:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *maps[MAPS_PER_TIER]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:744:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:775:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char motd[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:790:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:791:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:803:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:804:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *lines[MAX_SERVERSTATUS_LINES][4]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:805:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SERVERSTATUS_TEXT]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:806:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pings[MAX_CLIENTS * 3]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:848:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:849:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:865:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *demoList[MAX_DEMOS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:869:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *movieList[MAX_MOVIES]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:885:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverStatusAddress[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:891:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char findPlayerName[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:892:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foundPlayerServerAddresses[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:893:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char foundPlayerServerNames[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:903:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char q3HeadNames[MAX_PLAYERMODELS][64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_local.h:912:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spawnPoints[MAX_SPAWNPOINTS][MAX_SPAWNDESC]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:412:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:493:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &newColor[0], &color[0], sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:747:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUFILE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1084:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[MAX_BUFFER]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1086:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastName[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1535:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char levelname[64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1685:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hunkBuf[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1696:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expectedHunk = atoi( hunkBuf ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1811:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1812:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[256]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1813:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[256]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1819:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( model, "multi" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2069:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2070:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char headmodel[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2404:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2409:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.teamLeader = atoi( Info_ValueForKey( info, "tl" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2410:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team = atoi( Info_ValueForKey( info, "t" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2412:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). count = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2423:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
team2 = atoi( Info_ValueForKey( info, "t" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2469:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2551:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2552:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *lines[64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:2615:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[140]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3205:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char masterstr[2], cvarname[sizeof("sv_master1")]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3605:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[2048]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3690:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *monthStr[12] = data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3704:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[SAVE_INFOSTRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3705:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3794:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sglist[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3866:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char movielist[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3898:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demolist[NAMEBUFSIZE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3899:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demoExt[32]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3974:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4255:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.spawnCount = atoi( s ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4372:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4601:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4687:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[17]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4769:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4949:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4950:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4973:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4982:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4983:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_ADDRESSLENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5082:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). selectType = atoi( param ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5083:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
itemIndex = atoi( param2 ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5295:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( uiInfo.serverStatus.motd, "Welcome to Team Arena!" ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5345:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clients = atoi( Info_ValueForKey( info, "clients" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5357:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxClients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5613:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_NAME_LENGTH + 2]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5614:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5873:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUDEFFILE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5921:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5922:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5923:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char clientBuff[32]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5947:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ping = atoi( Info_ValueForKey( info, "ping" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5957:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int nettype = atoi(Info_ValueForKey(info, "nettype")); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5973:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi( Info_ValueForKey( info, "gametype" ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6087:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6673:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[2048]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6674:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filelist[2048]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6675:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skinname[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6986:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7175:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lastLoadingText[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7218:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dlSizeBuf[64], totalSizeBuf[64], xferRateBuf[64], dlTimeBuf[64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7293:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char info[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[256]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7350:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadName[MAX_INFO_VALUE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:851:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( legs.torsoAxis, torso.axis, sizeof( torso.axis ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:959:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1086:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animModelInfo->version = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1138:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1157:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1164:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].loopFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1184:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].moveSpeed = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1191:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). animations[i].animBlend = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1242:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1245:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].firstFrame = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1253:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). headAnims[i].numFrames = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[20000]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1312:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modelName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skinName[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_public.h:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char servername[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_public.h:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char updateInfoString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_public.h:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char messageString[MAX_STRING_CHARS]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:90:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[MEM_POOL_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:313:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char strPool[STRING_POOL_SIZE]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:417:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:419:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:440:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:442:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:566:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *i = atoi( token ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:696:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1388:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curscript[64]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1513:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &item->window.rectClient, &rectFrom, sizeof( rectDef_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1514:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &item->window.rectEffects, &rectTo, sizeof( rectDef_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1644:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). DC->feederAddItem( t->special, name, atoi( val ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1681:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024], *p; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1717:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char script[1024], *p; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:1720:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:2377:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:2403:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:2466:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3287:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3327:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newColor, &item->window.foreColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3333:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( newColor, &parent->disableColor, sizeof( vec4_t ) ); data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3339:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3417:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3458:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3459:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infostring[SAVE_INFOSTRING_LENGTH]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3561:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3589:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3615:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3771:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b[256];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3883:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char g_nameBind1[32];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3884:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char g_nameBind2[32];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3910:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( g_nameBind1, "???" );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3925:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3965:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &newColor, &item->window.foreColor, sizeof( vec4_t ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:5705:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &item->colorRanges[item->numColors], &color, sizeof( color ) );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:118:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *args[MAX_SCRIPT_ARGS];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:212:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *cvarList[MAX_MULTI_CVARS];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:213:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *cvarStr[MAX_MULTI_CVARS];
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.h:294:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *onKey[255]; // NERVE - SMF - execs commands when a key is pressed
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.c:19:36: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define FOPEN_FUNC(filename, mode) fopen(filename, mode)
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.c:109:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, mode_fopen);
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.h:54:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define fopen64 fopen
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.h:59:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define fopen64 fopen
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/ioapi.h:64:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define fopen64 fopen
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/unzip.c:1277:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szCurrentFileName[UNZ_MAXFILENAMEINZIP+1];
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/unzip.c:1493:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char source[12];
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:284:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( value, epair->value, size - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:425:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsize += strlen( token.string ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:432:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsize += strlen( token.string ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:469:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  epair->key = (char *) buftrav; buftrav += ( strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:477:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  epair->value = (char *) buftrav; buftrav += ( strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_bspq3.c:519:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bspworld.entdatasize = strlen( botimport.BSPEntityData() ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:170:57: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ( *aasworld ).configstrings[i] = (char *) GetMemory( strlen( configstrings[i] ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:367:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strcat( this_mapname, sizeof( this_mapname ) - strlen( this_mapname ) - 1, "_b" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_aas_main.c:369:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strcat( this_mapname, sizeof( this_mapname ) - strlen( this_mapname ) - 1, intstr );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:197:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ch->c[i].value.string = (char *) GetMemory( strlen( defaultch->c[i].value.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:289:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ch->c[index].value.string = GetMemory( strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:528:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  out->c[i].value.string = (char *) GetMemory( strlen( ch1->c[i].value.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_char.c:739:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( buf, ch->c[index].value.string, size - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:453:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( &message[i], &message[i + 1], strlen( &message[i + 1] ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:477:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( oldptr, ptr, strlen( ptr ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:496:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:496:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:529:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:529:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:585:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( str2 <= str && str < str2 + strlen( replacement ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:591:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:591:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:591:67: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:591:81: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:593:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy( str, replacement, strlen( replacement ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:596:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = StringContainsWord( str + strlen( replacement ), synonym, qfalse );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:715:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( token.string ) <= 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:720:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(token.string) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:885:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str1 + strlen( replacement ), str1 + strlen( synonym->string ),
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:885:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( str1 + strlen( replacement ), str1 + strlen( synonym->string ),
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:886:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen( str1 + strlen( synonym->string ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:886:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen( str1 + strlen( synonym->string ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:888:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy( str1, replacement, strlen( replacement ) );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:925:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( ptr ) + strlen( token.string ) + 1 > MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:925:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( ptr ) + strlen( token.string ) + 1 > MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:933:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( ptr ) + 7 > MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:937:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf( &ptr[strlen( ptr )], "%cv%ld%c", ESCAPE_CHAR, token.intvalue, ESCAPE_CHAR );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:941:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( ptr ) + 7 > MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:945:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf( &ptr[strlen( ptr )], "%cr%s%c", ESCAPE_CHAR, token.string, ESCAPE_CHAR );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1035:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(token.string) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1063:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(chatmessagestring) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1250:93: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  matchstring = (bot_matchstring_t *) GetClearedHunkMemory( sizeof( bot_matchstring_t ) + strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1253:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( token.string ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1419:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( ms->string ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1442:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strptr = newstrptr + strlen( ms->string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1452:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !mp && ( lastvariable >= 0 || !strlen( strptr ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1455:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  match->variables[lastvariable].length = strlen( match->variables[lastvariable].ptr );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1473:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while ( strlen( match->string ) &&
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1474:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  match->string[strlen( match->string ) - 1] == '\n' )
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1476:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  match->string[strlen( match->string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1504:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( buf, "" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1512:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( buf, match->variables[variable].ptr, size - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1517:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( buf, "" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1585:58: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s = GetClearedMemory( sizeof( bot_stringlist_t ) + strlen( temp ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1827:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( namebuffer, "" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1836:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( namebuffer ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1837:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( namebuffer, "\\" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1846:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key->string = (char *) GetClearedHunkMemory( strlen( namebuffer ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1858:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key->string = (char *) GetClearedHunkMemory( strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:1887:92: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  chatmessage = (bot_chatmessage_t *) GetClearedHunkMemory( sizeof( bot_chatmessage_t ) + strlen( chatmessagestring ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2035:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(chatmessagestring) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2231:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( len + strlen( temp ) >= MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2236:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen( temp );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2258:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( len + strlen( ptr ) >= MAX_MESSAGE_SIZE ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2263:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen( ptr );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2432:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[0].length = strlen( var0 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2436:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[1].length = strlen( var1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2440:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[2].length = strlen( var2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2444:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[3].length = strlen( var3 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2448:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[4].length = strlen( var4 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2452:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[5].length = strlen( var5 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2456:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[6].length = strlen( var6 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2460:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  variables[7].length = strlen( var7 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2614:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[0].length = strlen( var0 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2618:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[1].length = strlen( var1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2622:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[2].length = strlen( var2 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2626:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[3].length = strlen( var3 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2630:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[4].length = strlen( var4 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2634:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[5].length = strlen( var5 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2638:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[6].length = strlen( var6 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2642:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bestmatch.variables[7].length = strlen( var7 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2674:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen( cs->chatmessage ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2690:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( cs->chatmessage ) ) { data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2700:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( cs->chatmessage, "" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2718:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, cs->chatmessage, size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2721:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( cs->chatmessage, "" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_chat.c:2757:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( cs->name, name, sizeof( cs->name ) - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:644:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( name, itemconfig->iteminfo[li->iteminfo].name, size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_goal.c:649:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy( name, "" ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_ai_weight.c:366:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). config->weights[config->numweights].name = (char *) GetClearedMemory( strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/be_interface.c:264:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( value, varvalue, size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:90:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v->name = (char *) GetMemory(strlen(var_name)+1); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:194:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v->string = (char *) GetMemory( strlen( value ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_libvar.c:245:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v->string = (char *) GetMemory( strlen( value ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_log.c:69:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !filename || !strlen( filename ) ) { data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:466:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
  Risk is low because the source is a constant character.
  strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:469:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token->string, t->string, MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:469:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( token->string, t->string, MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:471:2: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character.
  strncat( token->string, "\"", MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:471:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( token->string, "\"", MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:489:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t1->string[strlen( t1->string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:678:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  define->name = (char *) GetMemory(strlen(builtin[i].string) + 1);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:723:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:732:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:733:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token->string, curtime + 4, 7 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:734:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token->string + 7, curtime + 20, 4 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:735:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:738:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:747:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:748:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token->string, curtime + 11, 8 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:749:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:752:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:934:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(ptr, ptr+1, strlen(ptr));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1002:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( path ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1190:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  define->name = (char *) GetMemory(strlen(token.string) + 1);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1295:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  script = LoadScriptMemory( string, strlen( string ), "*extern" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:1424:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  newdefine->name = (char *) GetMemory(strlen(define->name) + 1);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2380:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( token.string, "" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2411:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( token.string, "-" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2722:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token->string[strlen( token->string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2723:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( token->string ) + strlen( newtoken.string + 1 ) + 1 >= MAX_TOKEN ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2723:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( token->string ) + strlen( newtoken.string + 1 ) + 1 >= MAX_TOKEN ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2796:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( str, "" );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2817:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "");
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_precomp.c:2958:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(source->includepath);
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:192:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( p->p ) < strlen( newp->p ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:192:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( p->p ) < strlen( newp->p ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:808:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( p );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:959:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "");
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:980:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "");
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1140:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(string, string+1, strlen(string));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1142:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( string[strlen( string ) - 1] == '\"' ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1143:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string[strlen( string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1154:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(string, string+1, strlen(string));
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1156:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( string[strlen( string ) - 1] == '\'' ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1157:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string[strlen( string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1288:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( value );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_script.c:1339:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( basefolder ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.c:226:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( (char *) p, token.string, MAX_STRINGFIELD - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/botlib/l_struct.c:367:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( buf );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:479:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extptr = locfilename + strlen( locfilename ) - 4;
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_consolecmds.c:510:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trap_FS_Write( buffptr, strlen( buffptr ), f );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:78:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:115:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:166:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:257:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(num);
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:309:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( num );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:1354:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( cg.centerPrint );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:1406:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( cg.centerPrint );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2813:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:2817:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s2 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3124:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( cg.oidPrint );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_draw.c:3887:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( cg_missionStats.string ) > 1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_ents.c:184:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  stringlength = strlen( cent->dl_stylestring );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_event.c:1124:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( s && strlen( s ) > 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_flamethrower.c:1194:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trap_FS_Write( str, strlen( str ), f );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:669:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( str ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:678:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( cent->dl_stylestring, token, strlen( token ) );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:684:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cent->dl_oldframe = strlen( cent->dl_stylestring );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:693:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( j = 0; j < strlen( cent->dl_stylestring ); j++ ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_main.c:1562:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( parm1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_newdraw.c:1895:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_predict.c:731:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( cg_missionStats.string ) > 1 || cg_norender.integer ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_scoreboard.c:346:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !buf || !strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:324:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( originalShader, o, n - o );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:329:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( newShader, n, t - n );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:337:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( timeOffset, t, o - t );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1061:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( headModelVoiceChat[i].headmodel ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1077:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( voiceChatLists[i].name ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1081:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( headModelVoiceChat[j].headmodel ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1100:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( headModelVoiceChat[j].headmodel ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1373:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( temp, buf + prev, i - prev );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1376:5: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token, buf + prev, i - prev );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1393:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( temp, buf + prev, i - prev );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_servercmds.c:1396:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( token, buf + prev, i - prev );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_spawn.c:142:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( string );
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:1331:63: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !( cstr = (char *)CG_ConfigString( CS_SKYBOXORG ) ) || !strlen( cstr ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/cgame/cg_view.c:1338:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( cg_missionStats.string ) > 1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_avi.c:96:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Com_Memcpy( &buffer[ bufIndex ], s, strlen( s ) );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_avi.c:97:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufIndex += strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:261:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( dup );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:338:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( bigConfigString ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:338:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( bigConfigString ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:347:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( bigConfigString ) + strlen( s ) + 1 >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:347:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( bigConfigString ) + strlen( s ) + 1 >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:351:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( bigConfigString, "\"" );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:757:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( VMA(1), VMA(2), args[3] );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:983:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( outbuf );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:998:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( outstr, strlen( outstr ), handle );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_cgame.c:1403:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tagnameSize = strlen( tagname ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:288:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buffer, strlen( buffer ), f );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:666:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  skip = strlen( buf ) + 2;
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:672:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  skip = strlen( buf ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_console.c:739:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen( Q3_VERSION );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1310:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1360:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = drawLen - strlen( str );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1397:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pasteLen = strlen( cbd );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1425:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:1489:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2013:4: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( cmd, " " );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2541:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( numChars > ( strlen( consoleSaveBuffer ) - ( text_p - consoleSaveBuffer ) ) )
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2588:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lineLength = strlen( historyEditLines[ i ].buffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2589:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  saveBufferLength = strlen( consoleSaveBuffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2592:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  additionalLength = lineLength + strlen( "999 999 999 " );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_keys.c:2610:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  consoleSaveBufferSize = strlen( consoleSaveBuffer );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:923:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( cl_timedemoLog && strlen( cl_timedemoLog->string ) > 0 )
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1711:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( cl_cdkey );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1778:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( cl_reconnectArgs ) )
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1860:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  CL_UpdateGUID( serverString, strlen( serverString ) );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1957:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( rconAddress->string ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:1970:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  NET_SendPacket( NS_CLIENT, strlen( message ) + 1, message, to );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2309:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zippath[strlen(zippath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2340:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s = localName + strlen( localName ); // point at the nul byte
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2389:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove( clc.downloadList, s, strlen( s ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2411:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( cl_updatefiles->string ) > 4 ) {
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:2521:67: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) data, strlen ( data ) );
data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3308:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant character. strcat( itemStr, " " ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:3377:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( cacheItems[i][j].name, strlen( cacheItems[i][j].name ), handle ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4359:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( info ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4360:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( info[strlen( info ) - 1] != '\n' ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4526:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4535:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4553:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4601:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
NET_SendPacket( NS_CLIENT, strlen( message ), message, to ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:4603:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_SendPacket( NS_CLIENT, strlen( message ), message, to ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5099:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( key ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5104:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( checksum && strlen( checksum ) != CDCHKSUM_LEN ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5203:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, cl.limboChatMsgs[index], 140 ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5237:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( t->original, original, MAX_TRANS_STRING ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5242:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( t->translated[i], translated[i], MAX_TRANS_STRING ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5336:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( cl.translationVersion ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5342:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5360:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( t->translated[0] ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5373:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5377:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5381:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5385:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5389:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5393:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5429:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( original ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5440:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( translated ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5454:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( format_org ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5456:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( len != strlen( format_trans ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5601:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( t->translated[i], translated[i], MAX_TRANS_STRING ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5713:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if ( currentLanguage == -1 || currentLanguage >= MAX_LANGUAGES || !strlen( string ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5718:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( string[strlen( string ) - 1] == '\n' ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5731:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( t && strlen( t->translated[currentLanguage] ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5744:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len2 = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5753:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len2 = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5771:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len2 = strlen( buf ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5808:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( p ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_main.c:5824:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !url || !strlen( url ) ) { data/iortcw-1.51.c+dfsg1/MP/code/client/cl_parse.c:629:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( s ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:350:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SCR_DrawStringExt( 320 - strlen( string ) * 4, 20, 8, string, g_color_table[7], qtrue, qfalse ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:388:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SCR_DrawStringExt( 320 - strlen( string ) * 4, 10, 8, string, g_color_table[7], qtrue, qfalse ); data/iortcw-1.51.c+dfsg1/MP/code/client/cl_scrn.c:411:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). w = strlen( string ) * TINYCHAR_WIDTH; data/iortcw-1.51.c+dfsg1/MP/code/client/cl_ui.c:1040:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( VMA(1), VMA(2), args[3] ); data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:149:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = MIN(sizeof(lm->identity)/sizeof(wchar_t), strlen(identity)+1); data/iortcw-1.51.c+dfsg1/MP/code/client/libmumblelink.c:167:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = MIN(sizeof(lm->description)/sizeof(wchar_t), strlen(description)+1); data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.c:187:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
return stream->codec->read(stream, bytes, buffer); data/iortcw-1.51.c+dfsg1/MP/code/client/snd_codec.h:64:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CODEC_READ read; data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:292:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) >= MAX_QPATH) { data/iortcw-1.51.c+dfsg1/MP/code/client/snd_dma.c:380:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:207:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( filename ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:2696:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((curlen = strlen(devicelist))) data/iortcw-1.51.c+dfsg1/MP/code/client/snd_openal.c:2791:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((curlen = strlen(inputdevicelist))) data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast.c:717:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_characters.c:1463:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !ent->aiSkin || !strlen( ent->aiSkin ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c:119:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !param || strlen( param ) < 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_debug.c:157:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->classname = G_Alloc( strlen( cmd ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:314:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( filename ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:442:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( token ) > 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:449:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:455:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:456:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curEvent->params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:457:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( curEvent->params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:478:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:500:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:501:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curEvent->stack.items[curEvent->stack.numItems].params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:502:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
Q_strncpyz( curEvent->stack.items[curEvent->stack.numItems].params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:604:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:620:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:633:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:673:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_script.c:708:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_think.c:740:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cast_think.c:867:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:75:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:75:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:102:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:102:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:131:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:131:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:162:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:162:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:195:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:195:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:232:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:232:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:271:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mapname, Info_ValueForKey( info, "mapname" ), sizeof( mapname ) - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_chat.c:753:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. } else { strcpy( name, "" );} data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:150:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( goalname ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:284:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:399:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( name ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:410:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:877:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( bs->subteam, teammate, 32 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:898:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( bs->subteam ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:902:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( bs->subteam, "" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:919:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( bs->subteam ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_cmd.c:1055:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( bs->teamleader, teammate, sizeof( bs->teamleader ) ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmnet.c:633:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy( buf, "" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:275:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( name, Info_ValueForKey( buf, "n" ), size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:294:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( skin, Info_ValueForKey( buf, "model" ), size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:355:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( ptr, ptr + 1, strlen( ptr + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:362:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str1, str2 + 1, strlen( str2 + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:363:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else { memmove( str2, str1 + 1, strlen( str1 + 1 ) + 1 );} data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:368:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( name, name + 2, strlen( name + 2 ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:381:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove( ptr, ptr + 1, strlen( ptr + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:384:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, name, size - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:1947:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mapname, Info_ValueForKey( info, "mapname" ), sizeof( mapname ) - 1 ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_dmq3.c:2266:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( classname, "" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1059:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1064:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1069:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1074:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1079:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1080:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1086:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1087:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1093:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1094:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1099:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1100:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1105:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1110:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1115:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1120:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1125:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1130:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  if ( !strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1136:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1137:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( buf, "0" );
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1142:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1147:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_main.c:1152:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:63:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( bs->teamleader ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:85:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:85:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:141:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:141:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/ai_team.c:541:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( bs->teamleader, netname, sizeof( bs->teamleader ) );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:450:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( *offset + strlen( string ) + 1 >= bufSize ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:460:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *offset += strlen( string ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:593:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token ); // unget the token
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:794:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( currentString ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:820:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( token[strlen( token ) - 1] == ',' ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:822:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token[strlen( token ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:825:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( currentString ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:833:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( currentString ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:921:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( token[strlen( token ) - 1] == ',' ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:922:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token[strlen( token ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:967:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *input -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1022:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *input -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1255:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1257:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( Q_strncmp( text_p, token, strlen( token ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1283:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1285:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( Q_strncmp( text_p, token, strlen( token ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1377:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1379:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( Q_strncmp( text_p, token, strlen( token ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1405:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_animation.c:1407:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( Q_strncmp( text_p, token, strlen( token ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:183:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t strlen( const char *string ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:208:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  char *strncat( char *strDestination, const char *strSource, size_t num ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.c:355:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *strncpy( char *strDest, const char *strSource, size_t count ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:86:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t strlen( const char *string );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:88:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  char *strncat( char *strDestination, const char *strSource, size_t num );
data/iortcw-1.51.c+dfsg1/MP/code/game/bg_lib.h:94:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *strncpy( char *strDest, const char *strSource, size_t count );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:90:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen( entry );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:150:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tlen = strlen( arg );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:177:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_cmds.c:1547:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( arg2 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_main.c:1917:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trap_FS_Write( string, strlen( string ), level.logFile );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:1304:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ent->nextthink = level.time + ( strlen( ent->dl_stylestring ) * 100 ) - 100;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:1334:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ent->dl_stylestring && strlen( ent->dl_stylestring ) ) { // if they're specified in a string, use em
data/iortcw-1.51.c+dfsg1/MP/code/game/g_misc.c:1343:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ent->count = strlen( ent->dl_stylestring );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_mover.c:4292:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( ent->spawnflags & 4 ) && ent->model && strlen( ent->model ) ) { // use shader
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:246:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( filename ) > 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:371:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( params ) ) { // add a space between each param
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:377:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( params ) ) { // copy the params into the event
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:378:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  curEvent->params = G_Alloc( strlen( params ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:379:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( curEvent->params, params, strlen( params ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:400:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( params ) ) { // add a space between each param
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:422:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( params ) ) { // copy the params into the event
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:423:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  curEvent->stack.items[curEvent->stack.numItems].params = G_Alloc( strlen( params ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:424:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( curEvent->stack.items[curEvent->stack.numItems].params, params, strlen( params ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script.c:541:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( g_missionStats.string ) > 1 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:833:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ent->tagName = G_Alloc( strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_script_actions.c:834:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( ent->tagName, token, strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:746:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( string ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:891:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( string );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:1020:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( i = 0; i < strlen( testid2 ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:1030:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( i = 0; i < strlen( testid1 ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/game/g_spawn.c:1035:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( i = 0; i < strlen( testid3 ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:176:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( iplist_final ) + strlen( ip ) < MAX_CVAR_VALUE_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_svcmds.c:176:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( iplist_final ) + strlen( ip ) < MAX_CVAR_VALUE_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:818:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( def ) > 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1006:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen( entry );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1196:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ent->message = G_Alloc( strlen( desc ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_team.c:1197:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( ent->message, desc, strlen( desc ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/game/g_trigger.c:681:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !ent->target || !( strlen( ent->target ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:99:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:122:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:152:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( text && strlen( text ) > 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:407:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( cmd_args, " " );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:432:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( cmd_args, " " );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cmd.c:479:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(c) > MAX_CVAR_VALUE_STRING - 1)
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:191:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( strlen( msg ) + strlen( rd_buffer ) ) > ( rd_buffersize - 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:191:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( strlen( msg ) + strlen( rd_buffer ) ) > ( rd_buffersize - 1 ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:244:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( msg, strlen( msg ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:602:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:602:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str1 ) - strlen( str2 );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:643:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:648:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name = ptr + strlen( buf );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1122:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1137:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1151:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1153:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1205:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  out = S_Malloc( strlen( in ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1502:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1506:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1512:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1514:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1536:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1555:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1561:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:1563:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buf, strlen( buf ), logfile );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2053:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( s ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2573:15: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  savedumask = umask(0077);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2594:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(savedumask);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2952:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2962:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for( i = accu; i < accu + read; ++i )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2969:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  buf[ accu + read ] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:2971:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  accu += read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3413:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( Q_stricmpn( s, completionString, strlen( completionString ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3424:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( i >= strlen( s ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3442:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_stricmpn( s, shortestMatch, strlen( shortestMatch ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3456:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_stricmpn( s, shortestMatch, strlen( shortestMatch ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3471:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( i = 0; i < strlen( s ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3492:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  completionOffset = strlen( completionField->buffer ) - strlen( completionString );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3492:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  completionOffset = strlen( completionField->buffer ) - strlen( completionString );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3497:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  completionField->cursor = strlen( completionField->buffer );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3563:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *( cmd + strlen( cmd ) - 1 ) == ' ' )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3579:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( completionField->buffer ) + 1 >=
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3585:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen( completionField->buffer ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/common.c:3617:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( completionString ) == 0 )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:968:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( var->name ) + strlen( var->latchedString ) + 10 > sizeof( buffer ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:968:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( var->name ) + strlen( var->latchedString ) + 10 > sizeof( buffer ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:975:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( var->name ) + strlen( var->string ) + 10 > sizeof( buffer ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:975:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( var->name ) + strlen( var->string ) + 10 > sizeof( buffer ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:982:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( buffer, strlen( buffer ), f );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:1418:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( cv->string ) + 1 > MAX_CVAR_VALUE_STRING )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/cvar.c:1421:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (unsigned int) strlen(cv->string));
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:509:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove (s, s + 1, strlen (s));
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:678:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  testpath[strlen(testpath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:698:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ospath[strlen(ospath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:753:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ospath[strlen( ospath ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:768:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ospath[strlen(ospath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:784:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ospath[strlen(ospath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:799:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ospath[strlen(ospath)-1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:844:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  from_ospath[strlen( from_ospath ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:845:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  to_ospath[strlen( to_ospath ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1101:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extlen = strlen(ext);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1173:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( string );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1323:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(filename);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1402:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(filename);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1675:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1798:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1833:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  remaining -= read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1834:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  buf += read;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:1903:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write( msg, strlen( msg ), h );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2318:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen( filename_inzip ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2346:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( pack->pakBasename ) > 4 && !Q_stricmp( pack->pakBasename + strlen( pack->pakBasename ) - 4, ".pk3" ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2346:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( pack->pakBasename ) > 4 && !Q_stricmp( pack->pakBasename + strlen( pack->pakBasename ) - 4, ".pk3" ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2347:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pack->pakBasename[strlen( pack->pakBasename ) - 4] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2367:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namePtr += strlen( filename_inzip ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2519:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pathLength = strlen( path );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2523:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extensionLength = strlen( extension );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2566:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen( name );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2674:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nLen = strlen( pFiles[i] ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2888:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nLen = strlen(name) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:2892:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nDescLen = strlen(description) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3212:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  curpath[strlen(curpath) - 1] = '\0'; // strip the trailing slash
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3226:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pakfile[ strlen( pakfile ) - 1 ] = 0; // strip the trailing slash
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3428:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  origpos += strlen(origpos);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3452:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(origpos) + (origpos - neededpaks) >= len - 1)
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3742:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(pakBasename) == 7 && !Q_stricmpn( pakBasename, "mp_pak", 6 )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:3865:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strlen(pakBasename) == 4 && !Q_stricmpn( pakBasename, "pak", 3 )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4073:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (search->pack->referenced || Q_stricmpn(search->pack->pakGamename, com_basegame->string, strlen(com_basegame->string))) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4101:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (search->pack->referenced || Q_stricmpn(search->pack->pakGamename, com_basegame->string, strlen(com_basegame->string))) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4140:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info[strlen( info ) + 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4141:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info[strlen( info ) + 2] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4142:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info[strlen( info )] = '@';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/files.c:4143:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info[strlen( info )] = ' ';
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/json.h:221:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int nameLen = strlen(name);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:326:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/msg.c:352:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_chan.c:593:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  NET_SendPacket( sock, strlen( string ), string, adr );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1154:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ulen = strlen( net_socksUsername->string );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/net_ip.c:1155:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plen = strlen( net_socksPassword->string );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/pbmd5.c:375:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( strlen( str ) > 2 ) && ( str[0] == '0' ) && ( tolower( str[1] ) == 'x' ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:145:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( out, in, strlen( in ) );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:161:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  inlen = strlen(in);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:162:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extlen = strlen(ext);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:729:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i, n = 0, len = strlen( str );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:861:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( dest, src, destsize-1 );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:955:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l1 = strlen( dest );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:976:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(find);
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1131:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( len = strlen( temp_buffer ) ) >= MAX_VA_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1156:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1223:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1318:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1354:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(start, s, strlen(s) + 1); // remove this part
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1376:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1412:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(start, s, strlen(s) + 1); // remove this part
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1455:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1469:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !value || !strlen( value ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1475:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1475:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1496:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1516:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1516:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/q_shared.c:1538:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( i = 0; i < strlen( set ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/qcommon/vm.c:279:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  chars = strlen( token );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2667:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_strncmp( keyname, s, strlen( s ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2683:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_strncmp( keyname, s, strlen( s ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2778:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  keyLength = strlen(keyname) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_bsp.c:2779:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tokenLength = strlen(com_token) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_fbo.c:84:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(name) >= MAX_QPATH)
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:441:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(shaderText);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:509:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(name) >= MAX_QPATH)
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:519:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(GLSL_CompileGPUShader(program->program, &program->vertexShader, vpCode, strlen(vpCode), GL_VERTEX_SHADER)))
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:528:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!(GLSL_CompileGPUShader(program->program, &program->fragmentShader, fpCode, strlen(fpCode), GL_FRAGMENT_SHADER)))
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:600:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  postHeader = &vpCode[strlen(vpCode)];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:601:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size -= strlen(vpCode);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:619:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  postHeader = &fpCode[strlen(fpCode)];
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_glsl.c:620:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size -= strlen(fpCode);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:2187:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3238:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_image.c:3269:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strcmp( name + strlen( name ) - 5, ".skin" ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_init.c:1129:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int remainingLength = strlen(string);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:86:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 first
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:88:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC first
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:94:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC second
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:96:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 second
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:348:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:733:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen(surf->name);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model.c:1274:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen(surf->name);
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:473:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  joint_names += strlen( (char *)header + header->ofs_text +
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:799:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen( name ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_model_iqm.c:1672:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  names += strlen( names ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shade_calc.c:361:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:2336:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  normalName[strlen(normalName) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3550:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3584:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3614:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3832:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( textEnd, "\n" );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_shader.c:3833:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  textEnd += strlen( textEnd );
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:122:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(name) >= MAX_QPATH)
data/iortcw-1.51.c+dfsg1/MP/code/rend2/tr_vbo.c:190:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(name) >= MAX_QPATH)
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2097:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_strncmp( keyname, s, strlen( s ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_bsp.c:2113:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !Q_strncmp( keyname, s, strlen( s ) ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1118:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1895:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_image.c:1926:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strcmp( name + strlen( name ) - 5, ".skin" ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_init.c:1034:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int remainingLength = strlen(string);
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:86:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 first
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:88:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC first
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:94:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC second
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:96:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 second
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:115:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename[strlen( filename ) - 1] = 'c';
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:367:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:993:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen( surf->name );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model.c:1211:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen( surf->name );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model_iqm.c:470:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  joint_names += strlen( (char *)header + header->ofs_text +
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model_iqm.c:796:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen( name ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_model_iqm.c:1409:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  names += strlen( names ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shade_calc.c:350:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2812:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2846:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:2876:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) >= MAX_QPATH ) {
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:3095:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( textEnd, "\n" );
data/iortcw-1.51.c+dfsg1/MP/code/renderer/tr_shader.c:3096:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  textEnd += strlen( textEnd );
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:245:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( newModeString ) < (int)sizeof( buf ) - strlen( buf ) )
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:245:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( newModeString ) < (int)sizeof( buf ) - strlen( buf ) )
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:253:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ strlen( buf ) - 1 ] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:349:3: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  sscanf( version, "OpenGL %5s %d.%d", profile, &qglesMajorVersion, &qglesMinorVersion );
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:1186:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*glConfig.renderer_string && glConfig.renderer_string[strlen(glConfig.renderer_string) - 1] == '\n')
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:1187:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  glConfig.renderer_string[strlen(glConfig.renderer_string) - 1] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/sdl/sdl_glimp.c:1203:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extensionLength = strlen( extension );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:931:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FS_Write(writebuf, strlen(writebuf), writeto);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1405:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = 39 - strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1445:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p[strlen( p ) - 1] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_ccmds.c:1485:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p[strlen(p)-1] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:419:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:419:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1512:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( val ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1525:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( val ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1527:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( i <= 0 || i > 100 || strlen( val ) > 4 ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1535:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(val))
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1578:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1578:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1578:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1580:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( ip ) + 4 + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_client.c:1580:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( ip ) + 4 + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:852:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( VMA(1), VMA(2), args[3] );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:1008:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( text && strlen( text ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_game.c:1009:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  textLen = strlen( text ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:51:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(sv.configstrings[index]);
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_init.c:687:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( p ) == 0 ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:196:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( (char *)message ) > 1022 ) {
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:585:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(Cmd_Argv(1)) > 128)
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:603:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  playerLength = strlen( player );
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:659:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(Cmd_Argv(1)) > 128)
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:816:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( sv_rconPassword->string ) ||
data/iortcw-1.51.c+dfsg1/MP/code/server/sv_main.c:843:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( sv_rconPassword->string ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_parse.cpp:339:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen( *punc );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:107:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  inlen = strlen(in);
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:108:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extlen = strlen(ext);
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:145:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Q_strncpyz( out, in, strlen( in ) );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:769:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( i = 2; i < strlen( str ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:919:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( dest, src, destsize - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1001:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l1 = strlen( dest );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1022:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(find);
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1170:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( ( len = strlen( temp_buffer ) ) >= MAX_VA_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1221:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen( s );
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1288:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1383:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1419:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(start, s, strlen(s) + 1); // remove this part
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1441:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1520:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1534:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !value || !strlen( value ) ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1540:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1540:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1560:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1579:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1579:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/MP/code/splines/q_shared.cpp:1601:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( i = 0; i < strlen( set ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/splines/splines.cpp:123:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qglCallLists( strlen( label ), GL_UNSIGNED_BYTE, label );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:237:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:367:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( m_data->data, olddata->data, len + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.cpp:450:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( dst, buffer, size - 1 );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:181:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:253:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:267:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:281:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:310:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = length() + strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:406:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:429:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert( strlen( text ) < (unsigned) m_data->len );
data/iortcw-1.51.c+dfsg1/MP/code/splines/util_str.h:443:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_log.c:63:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int length = strlen( in );
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:126:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen(TTY_CONSOLE_PROMPT); i > 0; i--) {
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:152:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = write(STDOUT_FILENO, TTY_CONSOLE_PROMPT, strlen(TTY_CONSOLE_PROMPT));
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:344:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:400:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = write(STDOUT_FILENO, TTY_CONSOLE_PROMPT, strlen(TTY_CONSOLE_PROMPT));
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:411:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:417:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:483:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(STDIN_FILENO, text, sizeof(text));
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_tty.c:523:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (msg[strlen(msg) - 1] == '\n') {
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:142:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:175:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/MP/code/sys/con_win32.c:419:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_main.c:153:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t bufsize = strlen( cliptext ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:370:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:388:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:457:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extLen = strlen( extension );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:476:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( d->d_name ) < extLen ||
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:478:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  d->d_name + strlen( d->d_name ) - extLen,
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:567:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep( msec * 1000 );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:656:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen( text ) + 1;
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_unix.c:971:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen( DLL_EXT );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:377:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen( path ) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:388:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen( base ) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:408:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen( dir ) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:427:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen( ospath );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:502:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:517:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:548:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l0 = strlen(s0);
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:549:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l1 = strlen(s1);
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:615:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extLen = strlen( extension );
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:631:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( findinfo.name ) < extLen ||
data/iortcw-1.51.c+dfsg1/MP/code/sys/sys_win32.c:633:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  findinfo.name + strlen( findinfo.name ) - extLen,
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:237:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(BASEDIRNAME);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:238:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (c=path+strlen(path)-1 ; c != path ; c--)
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:256:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (qdir, path, c+len+count-path);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:258:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( i = 0; i < strlen( qdir ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:269:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (gamedir, path, c+1-path);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:271:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( i = 0; i < strlen( gamedir ); i++ )
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:281:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if ( writedir[strlen( writedir )-1] != '/' )
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:283:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  writedir[strlen( writedir )] = '/';
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:284:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  writedir[strlen( writedir )+1] = 0;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:357:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  b = malloc(strlen(s)+1);
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:400:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(out, "."); /* shrug */
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:401:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (out, "\\");
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:404:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(out, "."); /* shrug */
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:405:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (out, "/");
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:816:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:845:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(path)-1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:855:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(path)-1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:878:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:894:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/cmdlib.c:913:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/MP/code/tools/asm/q3asm.c:705:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(token, q, p - q);
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_atoms.c:251:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( gameFile );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:99:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:99:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:99:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:165:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirlen = strlen( dirptr );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_gameinfo.c:326:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirlen = strlen( dirptr );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:477:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:512:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:579:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:684:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:771:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = text + strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:790:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = text + strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:844:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:964:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3456:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen( dirptr ) + 1; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3460:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirptr += dirlen + strlen( descptr ) + 1; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3533:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( sgname ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3572:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( moviename ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:3619:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(demoname); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4048:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !s || !strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4061:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !s || !strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4099:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !s || !strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4106:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( s && strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4163:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( s && strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4182:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( s && strlen( s ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4311:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4657:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( buff[0] != 32 && strlen( buff ) == CDKEY_LEN ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4763:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) && strcmp( s, "localhost" ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4784:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) && strcmp( s, "localhost" ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4798:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) && strcmp( s, "localhost" ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4907:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) > 0 && strlen( addr ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4907:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( name ) > 0 && strlen( addr ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4927:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( addr ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4939:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) > 0 && strlen( addr ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:4939:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) > 0 && strlen( addr ) > 0 ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5386:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( uiInfo.serverStatus.motd ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5389:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( uiInfo.serverStatus.motd ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5614:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( serverStatusCvars[i].altName ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5746:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len += strlen( &info->pings[len] ) + 1; data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:5815:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( uiInfo.findPlayerName ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7218:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ( strlen( buf ) ) && ( Q_stricmp( buf,";" ) ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7309:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d GB", data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7309:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d GB", data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7313:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d MB", data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7313:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d MB", data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7490:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( s ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_main.c:7977:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( ptr ) ) { data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_players.c:1126:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_p -= strlen( token ); // unget the token data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:271:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( p ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:2480:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( buff ); data/iortcw-1.51.c+dfsg1/MP/code/ui/ui_shared.c:3450:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buff, start, p - start + 1 ); data/iortcw-1.51.c+dfsg1/MP/code/zlib-1.2.11/unzip.c:1260:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(szFileName)>=UNZ_MAXFILENAMEINZIP) data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:284:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( value, epair->value, size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:425:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
bufsize += strlen( token.string ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:432:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufsize += strlen( token.string ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:469:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). epair->key = (char *) buftrav; buftrav += ( strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:477:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). epair->value = (char *) buftrav; buftrav += ( strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_bspq3.c:519:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bspworld.entdatasize = strlen( botimport.BSPEntityData() ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:170:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( *aasworld ).configstrings[i] = (char *) GetMemory( strlen( configstrings[i] ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:367:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
Q_strcat( this_mapname, sizeof( this_mapname ) - strlen( this_mapname ) - 1, "_b" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_aas_main.c:369:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strcat( this_mapname, sizeof( this_mapname ) - strlen( this_mapname ) - 1, intstr ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:197:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ch->c[i].value.string = (char *) GetMemory( strlen( defaultch->c[i].value.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:289:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ch->c[index].value.string = GetMemory( strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:528:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out->c[i].value.string = (char *) GetMemory( strlen( ch1->c[i].value.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_char.c:739:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, ch->c[index].value.string, size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:453:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove( &message[i], &message[i + 1], strlen( &message[i + 1] ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:477:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( oldptr, ptr, strlen( ptr ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:496:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:496:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:529:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:529:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:585:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( str2 <= str && str < str2 + strlen( replacement ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:591:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:591:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:591:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:591:81: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str + strlen( replacement ), str + strlen( synonym ), strlen( str + strlen( synonym ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:593:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy( str, replacement, strlen( replacement ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:596:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = StringContainsWord( str + strlen( replacement ), synonym, qfalse ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:715:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( token.string ) <= 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:720:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(token.string) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:885:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str1 + strlen( replacement ), str1 + strlen( synonym->string ), data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:885:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str1 + strlen( replacement ), str1 + strlen( synonym->string ), data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:886:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( str1 + strlen( synonym->string ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:886:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( str1 + strlen( synonym->string ) ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:888:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy( str1, replacement, strlen( replacement ) ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:925:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( ptr ) + strlen( token.string ) + 1 > MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:925:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( ptr ) + strlen( token.string ) + 1 > MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:933:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( ptr ) + 7 > MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:937:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf( &ptr[strlen( ptr )], "%cv%ld%c", ESCAPE_CHAR, token.intvalue, ESCAPE_CHAR ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:941:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( ptr ) + 7 > MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:945:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf( &ptr[strlen( ptr )], "%cr%s%c", ESCAPE_CHAR, token.string, ESCAPE_CHAR ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1035:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(token.string) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1063:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(chatmessagestring) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1250:93: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). matchstring = (bot_matchstring_t *) GetClearedHunkMemory( sizeof( bot_matchstring_t ) + strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1253:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( token.string ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1419:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( ms->string ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1442:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strptr = newstrptr + strlen( ms->string ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1452:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !mp && ( lastvariable >= 0 || !strlen( strptr ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1455:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
match->variables[lastvariable].length = strlen( match->variables[lastvariable].ptr ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1473:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while ( strlen( match->string ) && data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1474:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). match->string[strlen( match->string ) - 1] == '\n' ) data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1476:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). match->string[strlen( match->string ) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1504:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1512:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, match->variables[variable].ptr, size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1517:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy( buf, "" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1585:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = GetClearedMemory( sizeof( bot_stringlist_t ) + strlen( temp ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1827:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( namebuffer, "" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1836:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( namebuffer ) ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1837:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( namebuffer, "\\" ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1846:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key->string = (char *) GetClearedHunkMemory( strlen( namebuffer ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1858:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
key->string = (char *) GetClearedHunkMemory( strlen( token.string ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:1887:92: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chatmessage = (bot_chatmessage_t *) GetClearedHunkMemory( sizeof( bot_chatmessage_t ) + strlen( chatmessagestring ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2035:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(chatmessagestring) + 1; data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2231:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( len + strlen( temp ) >= MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2236:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen( temp ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2258:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( len + strlen( ptr ) >= MAX_MESSAGE_SIZE ) { data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2263:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen( ptr ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2432:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
variables[0].length = strlen( var0 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2436:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[1].length = strlen( var1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2440:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[2].length = strlen( var2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2444:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[3].length = strlen( var3 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2448:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[4].length = strlen( var4 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2452:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[5].length = strlen( var5 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2456:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). variables[6].length = strlen( var6 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2460:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
variables[7].length = strlen( var7 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2614:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[0].length = strlen( var0 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2618:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[1].length = strlen( var1 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2622:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[2].length = strlen( var2 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2626:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[3].length = strlen( var3 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2630:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[4].length = strlen( var4 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2634:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bestmatch.variables[5].length = strlen( var5 ); data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2638:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
bestmatch.variables[6].length = strlen( var6 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2642:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
bestmatch.variables[7].length = strlen( var7 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2674:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen( cs->chatmessage );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2690:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( cs->chatmessage ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2700:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( cs->chatmessage, "" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2718:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( buf, cs->chatmessage, size - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2721:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( cs->chatmessage, "" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_chat.c:2757:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( cs->name, name, sizeof( cs->name ) - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:644:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( name, itemconfig->iteminfo[li->iteminfo].name, size - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_goal.c:649:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( name, "" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_ai_weight.c:366:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->weights[config->numweights].name = (char *) GetClearedMemory( strlen( token.string ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/be_interface.c:266:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( value, varvalue, size - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:90:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
v->name = (char *) GetMemory(strlen(var_name)+1);
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:194:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
v->string = (char *) GetMemory( strlen( value ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_libvar.c:245:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
v->string = (char *) GetMemory( strlen( value ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_log.c:69:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !filename || !strlen( filename ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:466:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:469:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
strncat( token->string, t->string, MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:469:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat( token->string, t->string, MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:471:2: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character.
strncat( token->string, "\"", MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:471:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat( token->string, "\"", MAX_TOKEN - strlen( token->string ) - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:489:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
t1->string[strlen( t1->string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:678:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
define->name = (char *) GetMemory(strlen(builtin[i].string) + 1);
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:723:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:732:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:733:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
strncat( token->string, curtime + 4, 7 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:734:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
strncat( token->string + 7, curtime + 20, 4 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:735:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:738:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:747:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:748:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
strncat( token->string, curtime + 11, 8 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:749:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( token->string, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:752:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
token->subtype = strlen( token->string );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:934:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(ptr, ptr+1, strlen(ptr));
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1002:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !strlen( path ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1190:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
define->name = (char *) GetMemory(strlen(token.string) + 1);
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1295:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
script = LoadScriptMemory( string, strlen( string ), "*extern" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:1424:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
newdefine->name = (char *) GetMemory(strlen(define->name) + 1);
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2380:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( token.string, "" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2411:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( token.string, "-" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2722:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
token->string[strlen( token->string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2723:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( token->string ) + strlen( newtoken.string + 1 ) + 1 >= MAX_TOKEN ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2723:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( token->string ) + strlen( newtoken.string + 1 ) + 1 >= MAX_TOKEN ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2796:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy( str, "" );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2817:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(str, "");
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_precomp.c:2958:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(source->includepath);
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:192:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( p->p ) < strlen( newp->p ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:192:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( p->p ) < strlen( newp->p ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:808:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( p );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:959:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(str, "");
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:980:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(str, "");
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1140:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(string, string+1, strlen(string));
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1142:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( string[strlen( string ) - 1] == '\"' ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1143:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
string[strlen( string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1154:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(string, string+1, strlen(string));
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1156:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( string[strlen( string ) - 1] == '\'' ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1157:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
string[strlen( string ) - 1] = '\0';
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1288:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( value );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_script.c:1339:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( basefolder ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.c:226:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( (char *) p, token.string, MAX_STRINGFIELD - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/botlib/l_struct.c:367:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( buf );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:80:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:125:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:184:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:280:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( num );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:2894:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3052:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = 0.5 * ( 640 - BIGCHAR_WIDTH * strlen( deploytime ) ); //CG_DrawStrlen( deploytime ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3055:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = 0.5 * ( 640 - BIGCHAR_WIDTH * strlen( deploytime ) ); //CG_DrawStrlen( deploytime ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_draw.c:3953:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( cg_missionStats.string ) > 1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_ents.c:342:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringlength = strlen( cent->dl_stylestring );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_event.c:1213:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( s && strlen( s ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_flamethrower.c:1309:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
trap_FS_Write( str, strlen( str ), f );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:376:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( cg.snap && ( strlen( cg_missionStats.string ) <= 1 ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_info.c:397:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( cg_missionStats.string ) > 1 && cg_missionStats.string[0] == 's' ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:641:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !strlen( str ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:650:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Q_strncpyz( cent->dl_stylestring, token, strlen( token ) );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:656:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
cent->dl_oldframe = strlen( cent->dl_stylestring );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:665:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( j = 0; j < strlen( cent->dl_stylestring ); j++ ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:778:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( bg_itemlist[i].pickup_name && strlen( bg_itemlist[i].pickup_name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:823:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
translateStrings[i].localname = (char *)trap_Alloc( strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:825:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
translateStrings[i].localname = (char *)malloc( strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:1572:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( parm1 ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:2156:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !translateStrings[i].name || !strlen( translateStrings[i].name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_main.c:2161:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( translateStrings[i].localname && strlen( translateStrings[i].localname ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_newdraw.c:1835:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:679:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen( s ), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:685:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen( s ), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_scoreboard.c:701:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen( s ), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:351:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( originalShader, o, n - o );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:356:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( newShader, n, t - n );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_servercmds.c:364:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( timeOffset, t, o - t );
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_snapshot.c:153:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( buf ) > 1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_view.c:1232:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !( cstr = (char *)CG_ConfigString( CS_SKYBOXORG ) ) || !strlen( cstr ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/cgame/cg_view.c:1239:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( cg_missionStats.string ) > 1 ) {
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_avi.c:96:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Com_Memcpy( &buffer[ bufIndex ], s, strlen( s ) );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_avi.c:97:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufIndex += strlen( s );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:246:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( dup );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:314:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( bigConfigString ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:314:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( bigConfigString ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:323:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( bigConfigString ) + strlen( s ) + 1 >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:323:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( bigConfigString ) + strlen( s ) + 1 >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:327:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( bigConfigString, "\"" );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:692:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy( VMA(1), VMA(2), args[3] );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:923:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( outbuf );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:938:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
FS_Write( outstr, strlen( outstr ), handle );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_cgame.c:1352:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagnameSize = strlen( tagname ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_console.c:280:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
FS_Write( buffer, strlen( buffer ), f );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_console.c:699:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen( Q3_VERSION );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1310:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1360:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = drawLen - strlen( str );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1397:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
pasteLen = strlen( cbd );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1425:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:1489:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( edit->buffer );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2013:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( cmd, " " );
data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2530:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( numChars > ( strlen( consoleSaveBuffer ) - ( text_p - consoleSaveBuffer ) ) ) data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2577:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineLength = strlen( historyEditLines[ i ].buffer ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2578:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). saveBufferLength = strlen( consoleSaveBuffer ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2581:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). additionalLength = lineLength + strlen( "999 999 999 " ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_keys.c:2599:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). consoleSaveBufferSize = strlen( consoleSaveBuffer ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:908:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( cl_timedemoLog && strlen( cl_timedemoLog->string ) > 0 ) data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1631:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( cl_cdkey ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1700:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( cl_reconnectArgs ) ) data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1778:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CL_UpdateGUID( serverString, strlen( serverString ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1855:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( rconAddress->string ) ) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1868:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_SendPacket( NS_CLIENT, strlen( message ) + 1, message, to ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:1975:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( musicCvar.string ) ) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2188:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). zippath[strlen(zippath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2219:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = localName + strlen( localName ); // point at the nul byte data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2268:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove( clc.downloadList, s, strlen( s ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:2385:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_OutOfBandData( NS_CLIENT, clc.serverAddress, (byte *) data, strlen ( data ) ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3119:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( itemStr, " " ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:3188:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( cacheItems[i][j].name, strlen( cacheItems[i][j].name ), handle ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4098:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( info ) ) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4099:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( info[strlen( info ) - 1] != '\n' ) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4256:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4265:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4283:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( serverStatus->string ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4331:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_SendPacket( NS_CLIENT, strlen( message ), message, to ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4333:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_SendPacket( NS_CLIENT, strlen( message ), message, to ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4816:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( key ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4821:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( checksum && strlen( checksum ) != CDCHKSUM_LEN ) { data/iortcw-1.51.c+dfsg1/SP/code/client/cl_main.c:4920:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( buf, cl.limboChatMsgs[index], 140 ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_parse.c:500:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( s ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:350:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SCR_DrawStringExt( 320 - strlen( string ) * 4, 20, 8, string, g_color_table[7], qtrue, qfalse ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_scrn.c:388:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SCR_DrawStringExt( 320 - strlen( string ) * 4, 10, 8, string, g_color_table[7], qtrue, qfalse ); data/iortcw-1.51.c+dfsg1/SP/code/client/cl_ui.c:1050:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( VMA(1), VMA(2), args[3] ); data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:149:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = MIN(sizeof(lm->identity)/sizeof(wchar_t), strlen(identity)+1); data/iortcw-1.51.c+dfsg1/SP/code/client/libmumblelink.c:167:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = MIN(sizeof(lm->description)/sizeof(wchar_t), strlen(description)+1); data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.c:187:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return stream->codec->read(stream, bytes, buffer); data/iortcw-1.51.c+dfsg1/SP/code/client/snd_codec.h:64:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
CODEC_READ read; data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:283:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) >= MAX_QPATH) { data/iortcw-1.51.c+dfsg1/SP/code/client/snd_dma.c:371:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:208:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( filename ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:2753:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((curlen = strlen(devicelist))) data/iortcw-1.51.c+dfsg1/SP/code/client/snd_openal.c:2848:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((curlen = strlen(inputdevicelist))) data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast.c:745:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_characters.c:1370:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !ent->aiSkin || !strlen( ent->aiSkin ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_debug.c:119:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !param || strlen( param ) < 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_debug.c:157:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->classname = G_Alloc( strlen( cmd ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:360:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( filename ) > 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:491:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( token ) > 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:498:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:504:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:505:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
curEvent->params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:506:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( curEvent->params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:527:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:545:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( token ) ) { // we know there's a [0], but don't know if it's '0' data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:571:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:572:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curEvent->stack.items[curEvent->stack.numItems].params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:573:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
Q_strncpyz( curEvent->stack.items[curEvent->stack.numItems].params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:675:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:691:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:704:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script.c:779:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( ( strlen( aicast_debugname.string ) < 1 ) || ( g_entities[cs->entityNum].aiName && !strcmp( aicast_debugname.string, g_entities[cs->entityNum].aiName ) ) ) ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_script_actions.c:465:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( loading ) > 0 && atoi( loading ) != 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_think.c:809:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cast_think.c:966:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:75:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:75:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:102:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:102:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:131:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:131:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:162:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:162:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:195:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:195:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:232:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:232:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:271:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mapname, Info_ValueForKey( info, "mapname" ), sizeof( mapname ) - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_chat.c:753:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. } else { strcpy( name, "" );} data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:150:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( goalname ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:284:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:399:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:410:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( name ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:877:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( bs->subteam, teammate, 32 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:898:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( bs->subteam ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:902:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( bs->subteam, "" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:919:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( bs->subteam ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_cmd.c:1055:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( bs->teamleader, teammate, sizeof( bs->teamleader ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmnet.c:633:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:276:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy( name, Info_ValueForKey( buf, "n" ), size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:295:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( skin, Info_ValueForKey( buf, "model" ), size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:355:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( ptr, ptr + 1, strlen( ptr + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:362:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( str1, str2 + 1, strlen( str2 + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:363:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else { memmove( str2, str1 + 1, strlen( str1 + 1 ) + 1 );} data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:368:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( name, name + 2, strlen( name + 2 ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:381:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove( ptr, ptr + 1, strlen( ptr + 1 ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:384:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy( buf, name, size - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:1940:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mapname, Info_ValueForKey( info, "mapname" ), sizeof( mapname ) - 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_dmq3.c:2259:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( classname, "" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1060:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1065:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1070:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1075:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1080:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1081:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1087:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1088:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1094:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1095:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1100:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1101:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1107:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1112:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1117:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1122:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1127:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1132:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1138:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1139:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( buf, "0" ); data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1144:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1149:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_main.c:1154:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:63:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( bs->teamleader ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:85:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:85:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:141:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:141:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( buf ) || !strlen( Info_ValueForKey( buf, "n" ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/ai_team.c:541:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( bs->teamleader, netname, sizeof( bs->teamleader ) ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:460:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( *offset + strlen( string ) + 1 >= bufSize ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:470:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *offset += strlen( string ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:603:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_p -= strlen( token ); // unget the token data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:821:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( currentString ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:847:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( token[strlen( token ) - 1] == ',' ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:849:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). token[strlen( token ) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:852:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( currentString ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:860:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( currentString ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:948:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( token[strlen( token ) - 1] == ',' ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:949:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). token[strlen( token ) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:994:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *input -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1049:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*input -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1306:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_p -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1308:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( Q_strncmp( text_p, token, strlen( token ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1334:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_p -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1336:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( Q_strncmp( text_p, token, strlen( token ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1428:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_p -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1430:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( Q_strncmp( text_p, token, strlen( token ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1456:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
text_p -= strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_animation.c:1458:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( Q_strncmp( text_p, token, strlen( token ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:215:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strlen( const char *string ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:240:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. char *strncat( char *strDestination, const char *strSource, size_t num ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.c:387:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). char *strncpy( char *strDest, const char *strSource, size_t count ) { data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:86:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strlen( const char *string ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:88:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. char *strncat( char *strDestination, const char *strSource, size_t num ); data/iortcw-1.51.c+dfsg1/SP/code/game/bg_lib.h:94:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
char *strncpy( char *strDest, const char *strSource, size_t count ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_active.c:951:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:76:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen( entry ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:135:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tlen = strlen( arg ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:162:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( s ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_cmds.c:270:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !name || !strlen( name ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1279:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) < 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_main.c:1952:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
trap_FS_Write( string, strlen( string ), level.logFile ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1330:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->nextthink = level.time + ( strlen( ent->dl_stylestring ) * 100 ) - 100; data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1360:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ent->dl_stylestring && strlen( ent->dl_stylestring ) ) { // if they're specified in a string, use em data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:1369:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->count = strlen( ent->dl_stylestring ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:2636:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->target_ent->tagName = G_Alloc( strlen( tagName ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:2637:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( ent->target_ent->tagName, tagName, strlen( tagName ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:2639:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ent->tagName = G_Alloc( strlen( tagName ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_misc.c:2640:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( ent->tagName, tagName, strlen( tagName ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_mover.c:4458:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ( ent->spawnflags & 4 ) && ent->model && strlen( ent->model ) ) { // use shader data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:319:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( *(char **)p ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:367:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( func->funcStr ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:388:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( *(char **)p ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:400:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( func->funcStr ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1124:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for ( i = 0; i < strlen( username ); i++ ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1194:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i = 0; i < strlen( mapstr ); i++ ) mapstr[i] = toupper( mapstr[i] ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1198:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( leveltime ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1203:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strlen( healthstr ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1224:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen( infoString ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1229:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !G_SaveWrite( infoString, strlen( infoString ), f ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1251:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen( infoString ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1260:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( !G_SaveWrite( infoString, strlen( infoString ), f ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1459:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( musicString ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_save.c:1616:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( musicString ) ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:256:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( filename ) > 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:379:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:385:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:386:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curEvent->params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:387:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
Q_strncpyz( curEvent->params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:408:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // add a space between each param data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:426:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( token ) ) { // we know there's a [0], but don't know if it's '0' data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:446:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( params ) ) { // copy the params into the event data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:447:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curEvent->stack.items[curEvent->stack.numItems].params = G_Alloc( strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:448:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( curEvent->stack.items[curEvent->stack.numItems].params, params, strlen( params ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script.c:565:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( g_missionStats.string ) > 1 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1003:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ent->tagName = G_Alloc( strlen( token ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_script_actions.c:1004:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( ent->tagName, token, strlen( token ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:737:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( string ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/game/g_spawn.c:884:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( string ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:158:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( iplist_final ) + strlen( ip ) < MAX_CVAR_VALUE_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:158:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( iplist_final ) + strlen( ip ) < MAX_CVAR_VALUE_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_svcmds.c:481:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( cmd ) > 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/game/g_team.c:804:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen( entry ); data/iortcw-1.51.c+dfsg1/SP/code/game/g_trigger.c:693:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !ent->target || !( strlen( ent->target ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:99:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( text ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:122:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:152:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( text && strlen( text ) > 0 ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:408:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( cmd_args, " " ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:433:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat( cmd_args, " " ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cmd.c:481:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(c) > MAX_CVAR_VALUE_STRING - 1) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:191:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ( strlen( msg ) + strlen( rd_buffer ) ) > ( rd_buffersize - 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:191:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ( strlen( msg ) + strlen( rd_buffer ) ) > ( rd_buffersize - 1 ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:244:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( msg, strlen( msg ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:627:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:627:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( str1 ) - strlen( str2 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:668:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( buf ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:673:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = ptr + strlen( buf ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:885:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out = Z_Malloc( strlen( in ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1056:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1060:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1066:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1068:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1090:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1109:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1115:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1117:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buf, strlen( buf ), logfile ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:1604:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( s ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2122:15: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). savedumask = umask(0077); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2142:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(savedumask); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2499:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2509:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
for( i = accu; i < accu + read; ++i ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2516:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[ accu + read ] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2518:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). accu += read; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2961:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( Q_stricmpn( s, completionString, strlen( completionString ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2972:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( i >= strlen( s ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:2990:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_stricmpn( s, shortestMatch, strlen( shortestMatch ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3004:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_stricmpn( s, shortestMatch, strlen( shortestMatch ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3019:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for( i = 0; i < strlen( s ); i++ ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3040:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). completionOffset = strlen( completionField->buffer ) - strlen( completionString ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3040:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). completionOffset = strlen( completionField->buffer ) - strlen( completionString ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3045:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). completionField->cursor = strlen( completionField->buffer ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3111:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( *( cmd + strlen( cmd ) - 1 ) == ' ' ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3127:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( completionField->buffer ) + 1 >= data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3133:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( completionField->buffer ) + 1 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/common.c:3165:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if( strlen( completionString ) == 0 ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:929:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( var->name ) + strlen( var->latchedString ) + 10 > sizeof( buffer ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:929:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( var->name ) + strlen( var->latchedString ) + 10 > sizeof( buffer ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:936:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( var->name ) + strlen( var->string ) + 10 > sizeof( buffer ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:936:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( var->name ) + strlen( var->string ) + 10 > sizeof( buffer ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:943:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( buffer, strlen( buffer ), f ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:1382:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( cv->string ) + 1 > MAX_CVAR_VALUE_STRING ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/cvar.c:1385:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(unsigned int) strlen(cv->string)); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:524:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove (s, s + 1, strlen (s)); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:802:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). testpath[strlen(testpath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:822:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ospath[strlen(ospath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:877:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ospath[strlen(ospath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:892:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ospath[strlen(ospath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:908:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ospath[strlen(ospath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:923:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ospath[strlen(ospath)-1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:967:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). from_ospath[strlen( from_ospath ) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:968:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). to_ospath[strlen( to_ospath ) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1304:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extlen = strlen(ext); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1489:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(filename); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1559:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(filename); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1803:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1838:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). remaining -= read; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1839:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
buf += read; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:1909:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FS_Write( msg, strlen( msg ), h ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2327:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen( filename_inzip ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2355:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( pack->pakBasename ) > 4 && !Q_stricmp( pack->pakBasename + strlen( pack->pakBasename ) - 4, ".pk3" ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2355:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( pack->pakBasename ) > 4 && !Q_stricmp( pack->pakBasename + strlen( pack->pakBasename ) - 4, ".pk3" ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2356:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pack->pakBasename[strlen( pack->pakBasename ) - 4] = 0; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2376:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namePtr += strlen( filename_inzip ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2528:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
pathLength = strlen( path ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2532:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extensionLength = strlen( extension ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2575:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen( name ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2684:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nLen = strlen( pFiles[i] ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2897:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nLen = strlen(name) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:2901:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nDescLen = strlen(description) + 1; data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3218:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curpath[strlen(curpath) - 1] = '\0'; // strip the trailing slash data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3244:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
pakfile[ strlen( pakfile ) - 1 ] = 0; // strip the trailing slash data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3429:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). origpos += strlen(origpos); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3455:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(origpos) + (origpos - neededpaks) >= len - 1) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3748:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(pakBasename) == 7 && !Q_stricmpn( pakBasename, "sp_pak", 6 ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:3878:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(pakBasename) == 4 && !Q_stricmpn( pakBasename, "pak", 3 ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4086:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (search->pack->referenced || Q_stricmpn(search->pack->pakGamename, com_basegame->string, strlen(com_basegame->string))) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/files.c:4153:96: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (search->pack->referenced || Q_stricmpn(search->pack->pakGamename, com_basegame->string, strlen(com_basegame->string))) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/json.h:221:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int nameLen = strlen(name); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:323:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( s ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/msg.c:349:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( s ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_chan.c:591:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). NET_SendPacket( sock, strlen( string ), string, adr ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1154:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ulen = strlen( net_socksUsername->string ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/net_ip.c:1155:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen( net_socksPassword->string ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:133:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
inlen = strlen(in); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:134:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extlen = strlen(ext); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:171:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_strncpyz( out, in, strlen( in ) ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:782:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i, n = 0, len = strlen( str ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:938:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( dest, src, destsize-1 ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1032:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l1 = strlen( dest ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1053:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(find); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1201:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( ( len = strlen( temp_buffer ) ) >= MAX_VA_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1252:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int length = strlen( s ); data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1319:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1414:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= MAX_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1450:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(start, s, strlen(s) + 1); // remove this part data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1472:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1508:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(start, s, strlen(s) + 1); // remove this part data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1551:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( s ) >= MAX_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1565:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !value || !strlen( value ) ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1571:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1571:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1591:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1610:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1610:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) { data/iortcw-1.51.c+dfsg1/SP/code/qcommon/q_shared.c:1632:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for( i = 0; i < strlen( set ); i++ ) data/iortcw-1.51.c+dfsg1/SP/code/qcommon/vm.c:282:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chars = strlen( token ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2664:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_strncmp( keyname, s, strlen( s ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2678:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_strncmp( keyname, s, strlen( s ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2773:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keyLength = strlen(keyname) + 1; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_bsp.c:2774:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tokenLength = strlen(com_token) + 1; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_fbo.c:84:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name) >= MAX_QPATH) data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:441:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size = strlen(shaderText); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:509:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name) >= MAX_QPATH) data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:519:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(GLSL_CompileGPUShader(program->program, &program->vertexShader, vpCode, strlen(vpCode), GL_VERTEX_SHADER))) data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:528:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(GLSL_CompileGPUShader(program->program, &program->fragmentShader, fpCode, strlen(fpCode), GL_FRAGMENT_SHADER))) data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:600:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). postHeader = &vpCode[strlen(vpCode)]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:601:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size -= strlen(vpCode); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:619:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). postHeader = &fpCode[strlen(fpCode)]; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_glsl.c:620:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size -= strlen(fpCode); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:2183:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3243:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_image.c:3274:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strcmp( name + strlen( name ) - 5, ".skin" ) ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_init.c:1133:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int remainingLength = strlen(string); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:86:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 first data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:88:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC first data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:94:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC second data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:96:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 second data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:347:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:735:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(surf->name); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model.c:1276:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(surf->name); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:473:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). joint_names += strlen( (char *)header + header->ofs_text + data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:799:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen( name ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_model_iqm.c:1672:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
names += strlen( names ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shade_calc.c:361:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:2364:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). normalName[strlen(normalName) - 1] = '\0'; data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3608:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3642:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3672:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3952:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( textEnd, "\n" ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_shader.c:3953:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
textEnd += strlen( textEnd ); data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:122:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name) >= MAX_QPATH) data/iortcw-1.51.c+dfsg1/SP/code/rend2/tr_vbo.c:190:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name) >= MAX_QPATH) data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2095:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_strncmp( keyname, s, strlen( s ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_bsp.c:2109:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !Q_strncmp( keyname, s, strlen( s ) ) ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1167:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1966:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_image.c:1997:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strcmp( name + strlen( name ) - 5, ".skin" ) ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_init.c:1037:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int remainingLength = strlen(string); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:86:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 first data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:88:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC first data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:94:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = 'c'; // try MDC second data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:96:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namebuf[strlen( namebuf ) - 1] = '3'; // try MD3 second data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:115:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename[strlen( filename ) - 1] = 'c'; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:366:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:996:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen( surf->name ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model.c:1214:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen( surf->name ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model_iqm.c:470:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). joint_names += strlen( (char *)header + header->ofs_text + data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model_iqm.c:796:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen( name ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_model_iqm.c:1409:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). names += strlen( names ) + 1; data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shade_calc.c:350:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( text ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2865:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2899:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:2929:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( name ) >= MAX_QPATH ) { data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3209:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( textEnd, "\n" ); data/iortcw-1.51.c+dfsg1/SP/code/renderer/tr_shader.c:3210:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). textEnd += strlen( textEnd ); data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:245:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( newModeString ) < (int)sizeof( buf ) - strlen( buf ) ) data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:245:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( newModeString ) < (int)sizeof( buf ) - strlen( buf ) ) data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:253:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
    buf[ strlen( buf ) - 1 ] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:349:3: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    sscanf( version, "OpenGL %5s %d.%d", profile, &qglesMajorVersion, &qglesMinorVersion );
data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:1186:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (*glConfig.renderer_string && glConfig.renderer_string[strlen(glConfig.renderer_string) - 1] == '\n')
data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:1187:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    glConfig.renderer_string[strlen(glConfig.renderer_string) - 1] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/sdl/sdl_glimp.c:1203:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    extensionLength = strlen( extension );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:948:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    FS_Write(writebuf, strlen(writebuf), writeto);
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1422:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = 39 - strlen( s );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1462:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p[strlen( p ) - 1] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_ccmds.c:1502:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p[strlen(p)-1] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:405:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:405:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( ( strlen( ip ) + strlen( userinfo ) + 4 ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1385:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( val ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1398:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( val ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1400:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( i <= 0 || i > 100 || strlen( val ) > 4 ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1407:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(val))
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1450:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1450:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1450:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( ip ) - strlen( val ) + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1452:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( ip ) + 4 + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_client.c:1452:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( ip ) + 4 + strlen( cl->userinfo );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:851:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( VMA(1), VMA(2), args[3] );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:1024:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( text && strlen( text ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_game.c:1025:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    textLen = strlen( text ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_init.c:51:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(sv.configstrings[index]);
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_init.c:366:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen( cmd );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_init.c:923:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( p ) == 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:129:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !Q_strncmp( cmd, SV_GetReliableCommand( client, index ), strlen( "cs" ) ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:208:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen ((char *)message) > 1022 ) {
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:586:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(Cmd_Argv(1)) > 128)
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:604:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    playerLength = strlen( player );
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:654:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(Cmd_Argv(1)) > 128)
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:744:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !strlen( sv_rconPassword->string ) ||
data/iortcw-1.51.c+dfsg1/SP/code/server/sv_main.c:772:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !strlen( sv_rconPassword->string ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_parse.cpp:339:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen( *punc );
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:107:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    inlen = strlen(in);
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:108:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    extlen = strlen(ext);
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:145:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    Q_strncpyz( out, in, strlen( in ) );
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:769:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for( i = 2; i < strlen( str ); i++ )
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:919:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( dest, src, destsize - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1001:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l1 = strlen( dest );
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1022:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(find);
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1170:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( ( len = strlen( temp_buffer ) ) >= MAX_VA_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1221:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int length = strlen( s );
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1288:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1383:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1419:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memmove(start, s, strlen(s) + 1); // remove this part
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1441:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1520:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1534:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !value || !strlen( value ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1540:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1540:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( newi ) + strlen( s ) >= MAX_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1560:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1579:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1579:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( newi ) + strlen( s ) >= BIG_INFO_STRING ) {
data/iortcw-1.51.c+dfsg1/SP/code/splines/q_shared.cpp:1601:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for( i = 0; i < strlen( set ); i++ )
data/iortcw-1.51.c+dfsg1/SP/code/splines/splines.cpp:123:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    qglCallLists( strlen( label ), GL_UNSIGNED_BYTE, label );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:237:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( str );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:367:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( m_data->data, olddata->data, len + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.cpp:450:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( dst, buffer, size - 1 );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:181:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:253:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:267:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:281:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:310:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = length() + strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:406:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:429:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert( strlen( text ) < (unsigned) m_data->len );
data/iortcw-1.51.c+dfsg1/SP/code/splines/util_str.h:443:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_log.c:63:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    unsigned int length = strlen( in );
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:126:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(TTY_CONSOLE_PROMPT); i > 0; i--) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:152:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = write(STDOUT_FILENO, TTY_CONSOLE_PROMPT, strlen(TTY_CONSOLE_PROMPT));
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:344:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:400:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = write(STDOUT_FILENO, TTY_CONSOLE_PROMPT, strlen(TTY_CONSOLE_PROMPT));
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:411:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:417:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    avail = read(STDIN_FILENO, &key, 1);
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:483:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    len = read(STDIN_FILENO, text, sizeof(text));
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_tty.c:523:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (msg[strlen(msg) - 1] == '\n') {
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:142:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:175:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/SP/code/sys/con_win32.c:419:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    qconsole_linelen = strlen( qconsole_line );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_main.c:153:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t bufsize = strlen( cliptext ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:370:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:388:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:457:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    extLen = strlen( extension );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:476:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( d->d_name ) < extLen ||
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:478:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    d->d_name + strlen( d->d_name ) - extLen,
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:567:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep( msec * 1000 );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:656:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int length = strlen( text ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_unix.c:971:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p += strlen( DLL_EXT );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:318:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen( path ) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:329:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen( base ) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:349:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen( dir ) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:368:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen( ospath );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:443:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:458:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(subdirs)) {
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:489:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l0 = strlen(s0);
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:490:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l1 = strlen(s1);
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:556:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    extLen = strlen( extension );
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:572:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen( findinfo.name ) < extLen ||
data/iortcw-1.51.c+dfsg1/SP/code/sys/sys_win32.c:574:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    findinfo.name + strlen( findinfo.name ) - extLen,
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:237:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(BASEDIRNAME);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:238:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (c=path+strlen(path)-1 ; c != path ; c--)
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:256:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy (qdir, path, c+len+count-path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:258:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = 0; i < strlen( qdir ); i++ )
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:269:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy (gamedir, path, c+1-path);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:271:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = 0; i < strlen( gamedir ); i++ )
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:281:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if ( writedir[strlen( writedir )-1] != '/' )
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:283:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    writedir[strlen( writedir )] = '/';
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:284:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    writedir[strlen( writedir )+1] = 0;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:357:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    b = malloc(strlen(s)+1);
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:400:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
    strcpy(out, "."); /* shrug */
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:401:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat (out, "\\");
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:404:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
    strcpy(out, "."); /* shrug */
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:405:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat (out, "/");
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:816:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:845:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen(path)-1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:855:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen(path)-1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:878:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:894:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/cmdlib.c:913:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    src = path + strlen(path) - 1;
data/iortcw-1.51.c+dfsg1/SP/code/tools/asm/q3asm.c:705:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(token, q, p - q);
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_atoms.c:247:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( gameFile );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:100:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:100:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:100:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    infos[count] = UI_Alloc( strlen( info ) + strlen( "\\num\\" ) + strlen( va( "%d", MAX_ARENAS ) ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:164:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dirlen = strlen( dirptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_gameinfo.c:288:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dirlen = strlen( dirptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:312:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:357:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:413:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:494:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( text );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1116:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  translateStrings[i].localname = (char *)trap_Alloc( strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1118:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  translateStrings[i].localname = (char *)malloc( strlen( token ) + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:1289:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( ui_savegameName.string ) || ui_savegameName.string[0] == '0' ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3615:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirlen = strlen( dirptr ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3619:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirptr += dirlen + strlen( descptr ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3811:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( sgname );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3878:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( moviename );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:3926:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(demoname);
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4376:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4694:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( buff[0] != 32 && strlen( buff ) == CDKEY_LEN ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4774:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4792:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4957:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) > 0 && strlen( addr ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4957:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) > 0 && strlen( addr ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4977:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( addr ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4989:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) > 0 && strlen( addr ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:4989:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( name ) > 0 && strlen( addr ) > 0 ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5293:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( uiInfo.serverStatus.motd );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5296:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( uiInfo.serverStatus.motd );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5453:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( serverStatusCvars[i].altName ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5557:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen( &info->pings[len] ) + 1;
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5628:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strlen( uiInfo.findPlayerName ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5898:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !translateStrings[i].name || !strlen( translateStrings[i].name ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:5903:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( translateStrings[i].localname && strlen( translateStrings[i].localname ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6690:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirlen = strlen( dirptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:6705:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filelen = strlen( fileptr );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7019:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( buf ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7180:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d GB",
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7180:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d GB",
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7184:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d MB",
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7184:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Com_sprintf( buf + strlen( buf ), bufsize - strlen( buf ), ".%02d MB",
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_main.c:7766:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( ptr ) ) {
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_players.c:1096:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_p -= strlen( token ); // unget the token
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:343:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( p );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:2475:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( buff );
data/iortcw-1.51.c+dfsg1/SP/code/ui/ui_shared.c:3447:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( buff, start, p - start + 1 );
data/iortcw-1.51.c+dfsg1/SP/code/zlib-1.2.11/unzip.c:1260:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(szFileName)>=UNZ_MAXFILENAMEINZIP)

ANALYSIS SUMMARY:

Hits = 6454
Lines analyzed = 770663 in approximately 17.18 seconds (44870 lines/second)
Physical Source Lines of Code (SLOC) = 500594
Hits@level = [0] 250 [1] 1497 [2] 3957 [3] 528 [4] 470 [5] 2
Hits@level+ = [0+] 6704 [1+] 6454 [2+] 4957 [3+] 1000 [4+] 472 [5+] 2
Hits/KSLOC@level+ = [0+] 13.3921 [1+] 12.8927 [2+] 9.90224 [3+] 1.99763 [4+] 0.94288 [5+] 0.00399525
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.