Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/jupp-3.1.40/b.c
Examining data/jupp-3.1.40/b.h
Examining data/jupp-3.1.40/blocks.c
Examining data/jupp-3.1.40/blocks.h
Examining data/jupp-3.1.40/builtin.c
Examining data/jupp-3.1.40/builtin.h
Examining data/jupp-3.1.40/builtins.c
Examining data/jupp-3.1.40/bw.c
Examining data/jupp-3.1.40/bw.h
Examining data/jupp-3.1.40/charmap.c
Examining data/jupp-3.1.40/charmap.h
Examining data/jupp-3.1.40/cmd.c
Examining data/jupp-3.1.40/cmd.h
Examining data/jupp-3.1.40/compat.c
Examining data/jupp-3.1.40/config.h
Examining data/jupp-3.1.40/dir.c
Examining data/jupp-3.1.40/hash.c
Examining data/jupp-3.1.40/hash.h
Examining data/jupp-3.1.40/help.c
Examining data/jupp-3.1.40/help.h
Examining data/jupp-3.1.40/i18n.c
Examining data/jupp-3.1.40/i18n.h
Examining data/jupp-3.1.40/kbd.c
Examining data/jupp-3.1.40/kbd.h
Examining data/jupp-3.1.40/macro.c
Examining data/jupp-3.1.40/macro.h
Examining data/jupp-3.1.40/main.c
Examining data/jupp-3.1.40/main.h
Examining data/jupp-3.1.40/menu.c
Examining data/jupp-3.1.40/menu.h
Examining data/jupp-3.1.40/path.c
Examining data/jupp-3.1.40/path.h
Examining data/jupp-3.1.40/poshist.c
Examining data/jupp-3.1.40/poshist.h
Examining data/jupp-3.1.40/pw.c
Examining data/jupp-3.1.40/pw.h
Examining data/jupp-3.1.40/queue.c
Examining data/jupp-3.1.40/queue.h
Examining data/jupp-3.1.40/qw.c
Examining data/jupp-3.1.40/qw.h
Examining data/jupp-3.1.40/rc.c
Examining data/jupp-3.1.40/rc.h
Examining data/jupp-3.1.40/regex.c
Examining data/jupp-3.1.40/regex.h
Examining data/jupp-3.1.40/scrn.c
Examining data/jupp-3.1.40/scrn.h
Examining data/jupp-3.1.40/selinux.c
Examining data/jupp-3.1.40/syntax.c
Examining data/jupp-3.1.40/syntax.h
Examining data/jupp-3.1.40/tab.c
Examining data/jupp-3.1.40/tab.h
Examining data/jupp-3.1.40/termcap.c
Examining data/jupp-3.1.40/termcap.h
Examining data/jupp-3.1.40/termidx.c
Examining data/jupp-3.1.40/tty.c
Examining data/jupp-3.1.40/tty.h
Examining data/jupp-3.1.40/tw.c
Examining data/jupp-3.1.40/tw.h
Examining data/jupp-3.1.40/types.h
Examining data/jupp-3.1.40/ublock.c
Examining data/jupp-3.1.40/ublock.h
Examining data/jupp-3.1.40/uedit.c
Examining data/jupp-3.1.40/uedit.h
Examining data/jupp-3.1.40/uerror.c
Examining data/jupp-3.1.40/uerror.h
Examining data/jupp-3.1.40/ufile.c
Examining data/jupp-3.1.40/ufile.h
Examining data/jupp-3.1.40/uformat.c
Examining data/jupp-3.1.40/uformat.h
Examining data/jupp-3.1.40/uisrch.c
Examining data/jupp-3.1.40/uisrch.h
Examining data/jupp-3.1.40/umath.c
Examining data/jupp-3.1.40/umath.h
Examining data/jupp-3.1.40/undo.c
Examining data/jupp-3.1.40/undo.h
Examining data/jupp-3.1.40/usearch.c
Examining data/jupp-3.1.40/usearch.h
Examining data/jupp-3.1.40/ushell.c
Examining data/jupp-3.1.40/ushell.h
Examining data/jupp-3.1.40/utag.c
Examining data/jupp-3.1.40/utag.h
Examining data/jupp-3.1.40/utf8.c
Examining data/jupp-3.1.40/utf8.h
Examining data/jupp-3.1.40/utils.c
Examining data/jupp-3.1.40/utils.h
Examining data/jupp-3.1.40/va.c
Examining data/jupp-3.1.40/va.h
Examining data/jupp-3.1.40/vfile.c
Examining data/jupp-3.1.40/vfile.h
Examining data/jupp-3.1.40/vs.c
Examining data/jupp-3.1.40/vs.h
Examining data/jupp-3.1.40/w.c
Examining data/jupp-3.1.40/w.h
Examining data/jupp-3.1.40/win32.c
FINAL RESULTS:
data/jupp-3.1.40/b.c:45:7: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
FILE *popen(const char *, const char *);
data/jupp-3.1.40/b.c:2036:8: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fi = popen((char *)(n + 1), "r");
data/jupp-3.1.40/b.c:2359:7: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen((char *)(s + 1), "w");
data/jupp-3.1.40/config.h:33:37: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_0(buf,len,fmt) snprintf((buf),(len),(fmt))
data/jupp-3.1.40/config.h:34:39: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_1(buf,len,fmt,a) snprintf((buf),(len),(fmt),(a))
data/jupp-3.1.40/config.h:35:41: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_2(buf,len,fmt,a,b) snprintf((buf),(len),(fmt),(a),(b))
data/jupp-3.1.40/config.h:36:43: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_3(buf,len,fmt,a,b,c) snprintf((buf),(len),(fmt),(a),(b),(c))
data/jupp-3.1.40/config.h:37:45: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_4(buf,len,fmt,a,b,c,d) snprintf((buf),(len),(fmt),(a),(b),(c),(d))
data/jupp-3.1.40/config.h:38:47: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_5(buf,len,fmt,a,b,c,d,e) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e))
data/jupp-3.1.40/config.h:39:49: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_6(buf,len,fmt,a,b,c,d,e,f) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e),(f))
data/jupp-3.1.40/config.h:40:51: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_7(buf,len,fmt,a,b,c,d,e,f,g) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e),(f),(g))
data/jupp-3.1.40/config.h:41:53: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_8(buf,len,fmt,a,b,c,d,e,f,g,h) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e),(f),(g),(h))
data/jupp-3.1.40/config.h:42:55: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_9(buf,len,fmt,a,b,c,d,e,f,g,h,i) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i))
data/jupp-3.1.40/config.h:43:58: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_10(buf,len,fmt,a,b,c,d,e,f,g,h,i,j) snprintf((buf),(len),(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i),(j))
data/jupp-3.1.40/config.h:47:37: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_0(buf,len,fmt) sprintf((buf),(fmt))
data/jupp-3.1.40/config.h:48:39: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_1(buf,len,fmt,a) sprintf((buf),(fmt),(a))
data/jupp-3.1.40/config.h:49:41: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_2(buf,len,fmt,a,b) sprintf((buf),(fmt),(a),(b))
data/jupp-3.1.40/config.h:50:43: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_3(buf,len,fmt,a,b,c) sprintf((buf),(fmt),(a),(b),(c))
data/jupp-3.1.40/config.h:51:45: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_4(buf,len,fmt,a,b,c,d) sprintf((buf),(fmt),(a),(b),(c),(d))
data/jupp-3.1.40/config.h:52:47: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_5(buf,len,fmt,a,b,c,d,e) sprintf((buf),(fmt),(a),(b),(c),(d),(e))
data/jupp-3.1.40/config.h:53:49: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_6(buf,len,fmt,a,b,c,d,e,f) sprintf((buf),(fmt),(a),(b),(c),(d),(e),(f))
data/jupp-3.1.40/config.h:54:51: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_7(buf,len,fmt,a,b,c,d,e,f,g) sprintf((buf),(fmt),(a),(b),(c),(d),(e),(f),(g))
data/jupp-3.1.40/config.h:55:53: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_8(buf,len,fmt,a,b,c,d,e,f,g,h) sprintf((buf),(fmt),(a),(b),(c),(d),(e),(f),(g),(h))
data/jupp-3.1.40/config.h:56:55: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_9(buf,len,fmt,a,b,c,d,e,f,g,h,i) sprintf((buf),(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i))
data/jupp-3.1.40/config.h:57:58: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_10(buf,len,fmt,a,b,c,d,e,f,g,h,i,j) sprintf((buf),(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i),(j))
data/jupp-3.1.40/dir.c:47:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rtval = system(y);
data/jupp-3.1.40/help.c:64:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, /*{*/ "\nHelp file '%s' is not properly ended with } on new line.\nDo you want to accept incomplete help screen (y/n)?", filename);
data/jupp-3.1.40/tty.c:733:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(sh, sh, "-c", cmd, NULL);
data/jupp-3.1.40/tty.c:736:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(sh, sh, NULL);
data/jupp-3.1.40/ublock.c:1024:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(sh, sh, "-c", s, NULL);
data/jupp-3.1.40/ushell.c:249:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
!access(eshell, X_OK)) {
data/jupp-3.1.40/b.c:1973:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = (unsigned char *)getenv("HOME");
data/jupp-3.1.40/charmap.c:1347:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = (unsigned char *)getenv("HOME");
data/jupp-3.1.40/charmap.c:1433:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p = (unsigned char *)getenv("HOME"))) {
data/jupp-3.1.40/main.c:209:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = (unsigned char *)getenv("LINES")) != NULL)
data/jupp-3.1.40/main.c:211:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = (unsigned char *)getenv("COLUMNS")) != NULL)
data/jupp-3.1.40/main.c:213:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = (unsigned char *)getenv("BAUD")) != NULL)
data/jupp-3.1.40/main.c:215:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("DOPADDING"))
data/jupp-3.1.40/main.c:217:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("NOXON"))
data/jupp-3.1.40/main.c:219:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = (unsigned char *)getenv("JOETERM")) != NULL)
data/jupp-3.1.40/main.c:227:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = (unsigned char *)getenv("HOME");
data/jupp-3.1.40/path.c:228:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
where = (unsigned char *)getenv("TMPDIR");
data/jupp-3.1.40/path.c:230:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
where = (unsigned char *)getenv("TEMP");
data/jupp-3.1.40/path.c:385:25: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
ret = (unsigned char *)getwd((char *)buf);
data/jupp-3.1.40/rc.c:644:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = (unsigned char *)getenv("HOME");
data/jupp-3.1.40/syntax.c:270:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p = (unsigned char *)getenv("HOME");
data/jupp-3.1.40/termcap.c:153:62: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!name && !(name = joeterm) && !(name = (unsigned char *)getenv("TERM")))
data/jupp-3.1.40/termcap.c:183:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tp = (unsigned char *)getenv("TERMCAP");
data/jupp-3.1.40/termcap.c:190:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((tp = (unsigned char *)getenv("TERMPATH")))
data/jupp-3.1.40/termcap.c:193:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((tp = (unsigned char *)getenv("HOME"))) {
data/jupp-3.1.40/ufile.c:234:42: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
simple_backup_suffix = (unsigned char *)getenv("SIMPLE_BACKUP_SUFFIX");
data/jupp-3.1.40/ushell.c:152:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SHELL")) {
data/jupp-3.1.40/ushell.c:243:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
eshell = getenv(getushell_envs[i++]);
data/jupp-3.1.40/utf8.c:240:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s=(unsigned char *)getenv("JOECHARMAP");
data/jupp-3.1.40/utf8.c:244:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s=(unsigned char *)getenv("LC_ALL");
data/jupp-3.1.40/utf8.c:246:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s=(unsigned char *)getenv("LC_CTYPE");
data/jupp-3.1.40/utf8.c:248:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s=(unsigned char *)getenv("LANG");
data/jupp-3.1.40/b.c:49:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stdbuf[stdsiz];
data/jupp-3.1.40/b.c:1060:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char table[256], c;
data/jupp-3.1.40/b.c:1100:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char table[256], c;
data/jupp-3.1.40/b.c:1214:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char table[256], c;
data/jupp-3.1.40/b.c:1256:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char table[256], c;
data/jupp-3.1.40/b.c:1868:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/jupp-3.1.40/b.c:2010:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[SEGSIZ];
data/jupp-3.1.40/b.c:2041:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = fopen((char *)n, "r+");
data/jupp-3.1.40/b.c:2046:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = fopen((char *)n, "r");
data/jupp-3.1.40/b.c:2362:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)(s + 2), "a");
data/jupp-3.1.40/b.c:2370:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)s, "r+");
data/jupp-3.1.40/b.c:2373:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)s, "w");
data/jupp-3.1.40/b.c:2530:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfd = open("DEADJOE", O_RDWR | O_EXCL | O_CREAT, 0600)) < 0) {
data/jupp-3.1.40/b.c:2537:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfd = open("DEADJOE", O_RDWR | O_APPEND)) < 0)
data/jupp-3.1.40/b.h:15:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char stdbuf[stdsiz];
data/jupp-3.1.40/builtin.c:48:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen((const char *)name, (const char *)mode);
data/jupp-3.1.40/bw.c:402:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[12];
data/jupp-3.1.40/bw.c:464:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char txt[80];
data/jupp-3.1.40/bw.c:466:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[16];
data/jupp-3.1.40/bw.c:477:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txt,bf,9);
data/jupp-3.1.40/bw.c:707:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[80];
data/jupp-3.1.40/charmap.c:1231:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/charmap.c:1232:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf1[1024];
data/jupp-3.1.40/charmap.c:1320:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/charmap.c:1351:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)buf, "r");
data/jupp-3.1.40/charmap.c:1358:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)buf, "r");
data/jupp-3.1.40/charmap.c:1412:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/charmap.h:43:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lower_map[256];
data/jupp-3.1.40/charmap.h:44:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char upper_map[256];
data/jupp-3.1.40/charmap.h:47:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alnux_map[32];
data/jupp-3.1.40/charmap.h:48:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alphx_map[32];
data/jupp-3.1.40/charmap.h:49:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char print_map[32];
data/jupp-3.1.40/compat.c:121:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)lp) + 8192, ((char *)lold) + 8192,
data/jupp-3.1.40/compat.c:244:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char joe_days[7][4] = {
data/jupp-3.1.40/compat.c:248:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char joe_months[12][4] = {
data/jupp-3.1.40/compat.c:259:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char joe_ctime_buf[24 + T_MAXLEN(time_t) + 2];
data/jupp-3.1.40/dir.c:13:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d_name[14];
data/jupp-3.1.40/dir.c:18:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(name, "r");
data/jupp-3.1.40/help.c:39:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024]; /* input buffer */
data/jupp-3.1.40/i18n.c:557:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unictrlbuf[11];
data/jupp-3.1.40/i18n.h:38:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char unictrlbuf[11];
data/jupp-3.1.40/macro.c:534:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/main.c:237:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/jupp-3.1.40/main.c:256:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/jupp-3.1.40/main.c:275:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/jupp-3.1.40/menu.c:122:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int d = txtwidth(s[x],strlen((char *)(s[x])));
data/jupp-3.1.40/path.c:240:12: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fd = mkstemp((char *)name)) == -1) {
data/jupp-3.1.40/path.c:259:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(name, O_RDONLY)) != -1) {
data/jupp-3.1.40/path.c:263:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(name, O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) {
data/jupp-3.1.40/path.c:379:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[PATH_MAX];
data/jupp-3.1.40/rc.c:182:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *pieces[26];
data/jupp-3.1.40/rc.c:322:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((const char *)glopts[x].name, "backpath"))
data/jupp-3.1.40/rc.c:639:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *r = vsncpy(NULL,0,t[x],(unsigned char *)strrchr((char *)(t[x]),'.')-t[x]);
data/jupp-3.1.40/rc.c:639:68: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *r = vsncpy(NULL,0,t[x],(unsigned char *)strrchr((char *)(t[x]),'.')-t[x]);
data/jupp-3.1.40/rc.c:646:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/rc.c:650:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*strrchr((char *)t[x],'.') = 0;
data/jupp-3.1.40/rc.c:736:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[OPT_BUF_SIZE];
data/jupp-3.1.40/rc.c:775:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:776:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes, *glopts[x].set.i);
data/jupp-3.1.40/rc.c:790:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:791:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes, *glopts[x].set.us);
data/jupp-3.1.40/rc.c:793:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:794:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes, "");
data/jupp-3.1.40/rc.c:805:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:806:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes, RELOPT(&bw->o, x));
data/jupp-3.1.40/rc.c:809:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:810:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes, RELOPT(&bw->o, x) + 1);
data/jupp-3.1.40/rc.c:823:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:824:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes,
data/jupp-3.1.40/rc.c:834:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
joe_snprintf_1((char *)buf, OPT_BUF_SIZE,
data/jupp-3.1.40/rc.c:835:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)glopts[x].yes,
data/jupp-3.1.40/rc.c:946:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];/* Input buffer */
data/jupp-3.1.40/regex.c:152:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/jupp-3.1.40/scrn.c:183:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[7];
data/jupp-3.1.40/scrn.c:346:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, t->ti, n1);
data/jupp-3.1.40/scrn.c:347:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp + n1, t->cap->paste_on, n2 + 1);
data/jupp-3.1.40/scrn.c:353:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, t->cap->paste_off, n2 + 1);
data/jupp-3.1.40/scrn.c:355:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp + n2, t->te, n1 + 1);
data/jupp-3.1.40/syntax.c:25:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[7];
data/jupp-3.1.40/syntax.c:119:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[20]; /* Name buffer (trunc after 19 characters) */
data/jupp-3.1.40/syntax.c:244:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/syntax.c:245:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/jupp-3.1.40/syntax.c:246:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf1[256];
data/jupp-3.1.40/syntax.c:273:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)buf,"r");
data/jupp-3.1.40/syntax.c:278:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)buf,"r");
data/jupp-3.1.40/tab.c:84:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (stat((char *)(files[a]), &buf)) {
data/jupp-3.1.40/termcap.c:119:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[80];
data/jupp-3.1.40/termcap.c:229:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f1 = fopen((char *)(npbuf[y]), "r");
data/jupp-3.1.40/termcap.c:229:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
f1 = fopen((char *)(npbuf[y]), "r");
data/jupp-3.1.40/termcap.c:233:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)idxname, "r");
data/jupp-3.1.40/termcap.c:456:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi((const char *)(s->value));
data/jupp-3.1.40/termidx.c:78:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[65536];
data/jupp-3.1.40/tty.c:206:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1024];
data/jupp-3.1.40/tty.c:305:74: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (idleout ? (!(termin = stdin) || !(termout = stdout)) : (!(termin = fopen("/dev/tty", "r")) || !(termout = fopen("/dev/tty", "w")))) {
data/jupp-3.1.40/tty.c:305:113: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (idleout ? (!(termin = stdin) || !(termout = stdout)) : (!(termin = fopen("/dev/tty", "r")) || !(termout = fopen("/dev/tty", "w")))) {
data/jupp-3.1.40/tty.c:720:21: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
#define v_or_fork() vfork()
data/jupp-3.1.40/tty.c:894:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*ptyfd = fdm = open("/dev/ptmx", O_RDWR);
data/jupp-3.1.40/tty.c:907:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char name[32];
data/jupp-3.1.40/tty.c:936:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ttyname[32];
data/jupp-3.1.40/tty.c:955:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:955:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:956:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*ptyfd = open((char *)ttyname, O_RDWR)) >= 0) {
data/jupp-3.1.40/tty.c:959:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:959:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:961:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
x = open((char *)ttyname, O_RDWR);
data/jupp-3.1.40/tty.c:966:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:966:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:967:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*ptyfd = open((char *)ttyname, O_RDWR);
data/jupp-3.1.40/tty.c:970:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:970:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strlcat((char *)ttyname, (char *)(ptys[fd]), 32);
data/jupp-3.1.40/tty.c:1037:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[80];
data/jupp-3.1.40/tty.c:1137:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
x = open("/dev/tty", O_RDWR);
data/jupp-3.1.40/tty.c:1161:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((x = open((char *)name, O_RDWR)) != -1) {
data/jupp-3.1.40/tw.c:109:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf1[stdsiz];
data/jupp-3.1.40/tw.c:154:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[80];
data/jupp-3.1.40/types.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[8192 - sizeof(struct jalloc_common) - sizeof(size_t)];
data/jupp-3.1.40/types.h:667:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *pieces[26]; /* Pieces of the matched string */
data/jupp-3.1.40/ublock.c:935:21: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
#define v_or_fork() vfork()
data/jupp-3.1.40/uedit.c:1093:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[10];
data/jupp-3.1.40/uedit.c:1182:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/jupp-3.1.40/uedit.c:1211:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[40];
data/jupp-3.1.40/ufile.c:160:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open((const char *)from, O_RDONLY);
data/jupp-3.1.40/ufile.c:223:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[1024 + 12];
data/jupp-3.1.40/ufile.c:224:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[1024];
data/jupp-3.1.40/ufile.c:450:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open((char *)s, O_RDONLY);
data/jupp-3.1.40/ufile.c:994:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/jupp-3.1.40/uisrch.c:197:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/jupp-3.1.40/uisrch.c:230:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/jupp-3.1.40/umath.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char math_res[JOE_MSGBUFSIZE];
data/jupp-3.1.40/umath.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgbuf, math_res, JOE_MSGBUFSIZE);
data/jupp-3.1.40/usearch.c:55:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MAX_WORD_SIZE];
data/jupp-3.1.40/usearch.c:603:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[12];
data/jupp-3.1.40/ushell.c:76:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[1024];
data/jupp-3.1.40/utag.c:28:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/jupp-3.1.40/utag.c:40:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("tags", "r");
data/jupp-3.1.40/utf8.c:254:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/jupp-3.1.40/utf8.h:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8]; /* Record of sequence */
data/jupp-3.1.40/vfile.c:64:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfile->fd = open((char *)(vfile->name), O_RDWR);
data/jupp-3.1.40/vfile.c:119:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfile->fd = open((char *)(vfile->name), O_RDWR);
data/jupp-3.1.40/vfile.c:237:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!vfile->fd && (vfile->fd = open((char *)(vfile->name),
data/jupp-3.1.40/w.c:741:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgbuf[JOE_MSGBUFSIZE];
data/jupp-3.1.40/w.h:152:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char msgbuf[JOE_MSGBUFSIZE];
data/jupp-3.1.40/win32.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH + 1];
data/jupp-3.1.40/b.c:1883:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return binsm(p, s, strlen((char *)s));
data/jupp-3.1.40/help.c:55:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf) - 1] = '\0';
data/jupp-3.1.40/menu.c:73:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)m->list[x + y*m->perline + m->top]),
data/jupp-3.1.40/menu.c:94:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col = txtwidth(m->list[m->cursor],strlen((char *)m->list[m->cursor]));
data/jupp-3.1.40/menu.c:122:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int d = txtwidth(s[x],strlen((char *)(s[x])));
data/jupp-3.1.40/menu.c:145:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int d = txtwidth(m->list[x],strlen((char *)(m->list[x])));
data/jupp-3.1.40/path.c:43:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define NAMLEN(dirent) strlen((dirent)->d_name)
data/jupp-3.1.40/path.c:47:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define NAMLEN(dirent) strlen((dirent)->d_name)
data/jupp-3.1.40/path.c:125:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = path + strlen((char *)path);
data/jupp-3.1.40/path.c:234:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namesize = strlen((const char *)where) + 20;
data/jupp-3.1.40/rc.c:194:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)o->contents_regex), p, 0, 0);
data/jupp-3.1.40/rc.c:882:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s[x]) > len)
data/jupp-3.1.40/rc.c:883:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s[x]);
data/jupp-3.1.40/rc.c:886:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s[x]);
data/jupp-3.1.40/scrn.c:342:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 = t->ti ? strlen(t->ti) : 0;
data/jupp-3.1.40/scrn.c:343:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n2 = strlen(t->cap->paste_on);
data/jupp-3.1.40/scrn.c:350:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 = t->te ? strlen(t->te) : 0;
data/jupp-3.1.40/scrn.c:351:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n2 = strlen(t->cap->paste_off);
data/jupp-3.1.40/termcap.c:70:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (c = getc(fd), c == ' ' || c == '\t' || c == '#')
data/jupp-3.1.40/termcap.c:72:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fd);
data/jupp-3.1.40/termcap.c:79:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fd);
data/jupp-3.1.40/termcap.c:98:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (c = getc(fd), c != -1)
data/jupp-3.1.40/termidx.c:22:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (c = getc(fd), c == ' ' || c == '\t' || c == '#')
data/jupp-3.1.40/termidx.c:24:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fd);
data/jupp-3.1.40/termidx.c:40:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fd);
data/jupp-3.1.40/termidx.c:54:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((char *)(s + z)) > 2 && !strchr((char *)(s + z), ' ') && !strchr((char *)(s + z), '\t')) {
data/jupp-3.1.40/tty.c:558:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(mpxfd, &pack, 1);
data/jupp-3.1.40/tty.c:577:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fileno(termin), &havec, 1) == 1)
data/jupp-3.1.40/tty.c:659:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read(fileno(termin), &havec, 1) < 1) {
data/jupp-3.1.40/tty.c:1207:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(0,(char *)buf,strlen((char *)buf))) {}
data/jupp-3.1.40/ufile.c:172:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((amnt = read(f, stdbuf, stdsiz)) > 0) {
data/jupp-3.1.40/uformat.c:328:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
to += strlen((char *)indents);
data/jupp-3.1.40/umath.c:250:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pfwrd(bw->cursor, strlen((char *)msgbuf));
data/jupp-3.1.40/utils.c:51:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rt = read(fd, buf, size);
data/jupp-3.1.40/utils.c:75:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((z = read(fd, buf, size)) < 0) {
ANALYSIS SUMMARY:
Hits = 235
Lines analyzed = 38717 in approximately 1.10 seconds (35295 lines/second)
Physical Source Lines of Code (SLOC) = 31571
Hits@level = [0] 76 [1] 35 [2] 143 [3] 26 [4] 31 [5] 0
Hits@level+ = [0+] 311 [1+] 235 [2+] 200 [3+] 57 [4+] 31 [5+] 0
Hits/KSLOC@level+ = [0+] 9.85081 [1+] 7.44354 [2+] 6.33493 [3+] 1.80545 [4+] 0.981914 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.