Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/k2pdfopt-2.53+ds/willuslib/fontrender.c
Examining data/k2pdfopt-2.53+ds/willuslib/wgs.c
Examining data/k2pdfopt-2.53+ds/willuslib/winmbox.c
Examining data/k2pdfopt-2.53+ds/willuslib/filelist.c
Examining data/k2pdfopt-2.53+ds/willuslib/wfile.c
Examining data/k2pdfopt-2.53+ds/willuslib/winshell.c
Examining data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c
Examining data/k2pdfopt-2.53+ds/willuslib/bmp.c
Examining data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c
Examining data/k2pdfopt-2.53+ds/willuslib/fontdata.c
Examining data/k2pdfopt-2.53+ds/willuslib/wpdf.c
Examining data/k2pdfopt-2.53+ds/willuslib/ocr.c
Examining data/k2pdfopt-2.53+ds/willuslib/render.c
Examining data/k2pdfopt-2.53+ds/willuslib/linux.c
Examining data/k2pdfopt-2.53+ds/willuslib/math.c
Examining data/k2pdfopt-2.53+ds/willuslib/ocrgocr.c
Examining data/k2pdfopt-2.53+ds/willuslib/mem.c
Examining data/k2pdfopt-2.53+ds/willuslib/token.c
Examining data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c
Examining data/k2pdfopt-2.53+ds/willuslib/dtcompress.c
Examining data/k2pdfopt-2.53+ds/willuslib/wgui.c
Examining data/k2pdfopt-2.53+ds/willuslib/string.c
Examining data/k2pdfopt-2.53+ds/willuslib/wsys.c
Examining data/k2pdfopt-2.53+ds/willuslib/win.c
Examining data/k2pdfopt-2.53+ds/willuslib/wincomdlg.c
Examining data/k2pdfopt-2.53+ds/willuslib/wzfile.c
Examining data/k2pdfopt-2.53+ds/willuslib/strbuf.c
Examining data/k2pdfopt-2.53+ds/willuslib/willusversion.c
Examining data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c
Examining data/k2pdfopt-2.53+ds/willuslib/array.c
Examining data/k2pdfopt-2.53+ds/willuslib/winbmp.c
Examining data/k2pdfopt-2.53+ds/willuslib/willus.h
Examining data/k2pdfopt-2.53+ds/willuslib/ansi.c
Examining data/k2pdfopt-2.53+ds/willuslib/point2d.c
Examining data/k2pdfopt-2.53+ds/willuslib/wininet.c
Examining data/k2pdfopt-2.53+ds/willuslib/wmupdf.c
Examining data/k2pdfopt-2.53+ds/willuslib/ocrtess.c
Examining data/k2pdfopt-2.53+ds/willuslib/wleptonica.c
Examining data/k2pdfopt-2.53+ds/willuslib/gslpolyfit.c
Examining data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c
Examining data/k2pdfopt-2.53+ds/tesseract_mod/dotproductsse.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/intsimdmatrixsse.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/openclwrapper.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/simddetect.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/dotproductavx.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/serialis.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/input.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/dotproductfma.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tess_version.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/errcode.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/intsimdmatrixavx2.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tessdatamanager.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/params.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tesseract.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/lstmrecognizer.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h
Examining data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/serialis.cpp
Examining data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp
Examining data/k2pdfopt-2.53+ds/leptonica_mod/allheaders.h
Examining data/k2pdfopt-2.53+ds/leptonica_mod/environ.h
Examining data/k2pdfopt-2.53+ds/leptonica_mod/leptwin.c
Examining data/k2pdfopt-2.53+ds/leptonica_mod/dewarp2.c
Examining data/k2pdfopt-2.53+ds/leptonica_mod/endianness.h
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2publish.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2version.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/pageregions.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2files.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/devprofile.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/textwords.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/textrows.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_osdep.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/pagelist.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mem.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h
Examining data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c
Examining data/k2pdfopt-2.53+ds/k2pdfopt.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/stext-device.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/color-lcms.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/font.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/pdf-parse.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/string.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/mupdf/helpers/mu-threads.h
Examining data/k2pdfopt-2.53+ds/mupdf_mod/mupdf/fitz/config.h
Examining data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c
Examining data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c
FINAL RESULTS:
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2667:12: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
return(readlink(filename,src==NULL?linkval:src,1023)>=0);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:171:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:193:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"File %s cannot be opened.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:273:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,tempname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:352:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2listproc->outname,k2fileproc->outname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1088:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(author,k2settings->dst_author);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1119:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(masterinfo->pageinfo.author,k2settings->dst_author);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1121:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(masterinfo->pageinfo.title,title);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1285:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(abs1,name1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1287:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(abs2,name2);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1315:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempstr,basename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1317:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempstr,&basename[i+6]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1318:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,tempstr);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1328:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fmt_noext,ext);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1329:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,fmt_noext);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1332:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mfmt,basename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1361:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newname,"%s%04d.pdf",dst,i);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1364:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,newname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1397:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fmt,fmt0);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1413:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basespec,ext);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1417:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fmt,basespec);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1448:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)],"%s",basespec);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1450:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)],"%s",basebasespec);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1452:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)],"%s",basepath);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1457:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&dst[strlen(dst)],xfmt,filecount);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1459:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&dst[strlen(dst)],xfmt,pagecount);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1470:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst,defext);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1538:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,outname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1616:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1624:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname,newname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1646:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newbase,"%s_old%04d.%s",basename,i,ext);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1699:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oline->title,buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1757:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srcfilename,filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2075:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,original_file);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2343:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2fileproc->outname,dstfile);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2files.c:69:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2files->file[k2files->n],filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:986:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2settings->dst_ocr_lang,ocrtess_langnames[j*3+1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1042:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(box->pagelist,buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1173:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2settings->dst_ocr_lang,lang);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1178:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2settings->dst_ocr_lang,lang);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1873:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"FILE: %s\r\n\r\nCannot obtain information.\r\n",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2031:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2046:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2094:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"File %s already exists? Overwrite it?",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2107:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Cannot open file %s for overwriting.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2131:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Error writing settings to file %s.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2137:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Settings successfully saved to file %s.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2166:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Cannot open settings file %s for reading.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2201:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Settings restored from file %s.",filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2253:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basepath,filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2465:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,button_label[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2466:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,button_label[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2512:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,control->name);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2654:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,names[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2665:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,labels[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2702:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,i==0?"widthunits":"heightunits");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2892:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,ppname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2929:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,k2gui->preview_processing?"Cancel":"Pre&view");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2930:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,control->name);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2967:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,bname[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2968:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,bname[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3012:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,label[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3020:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,name[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3138:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,bname[j]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3139:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,bname[j]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3192:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,names[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3204:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,labels[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3286:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(control->name,names[i],k+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3288:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,labels[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3369:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,name[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3371:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,label[0]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3584:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,checkboxname[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3585:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,checkboxlabel[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3828:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->label,buttonnames[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3829:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,buttonnames[i]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3878:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Max number of window controls exceeded. Max allowed=%d. Last valid control name = '%s'",MAXGUICONTROLS,k2gui->control[MAXGUICONTROLS-1].name);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3916:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,box->pagelist);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3927:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf,fmtstr,box->box[fieldindex-1],k2pdfopt_settings_unit_string(box->units[fieldindex-1]));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4368:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Preview failed.\n\n%s.",err[statuscode]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4864:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2,"%s\n%s",contextmenu_help[i+2],unithelp);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:108:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:125:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:144:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:201:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&d[i],s);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:355:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf[1],"Open File%s",k2gui_cbox_nfiles()==1?"":"s");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:356:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf[2],"Open Containing Folder%s",k2gui_cbox_nfolders()==1?"":"s");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:425:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Starting conversion of %s...",k2gui_short_name(k2conv->k2files.file[i]));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:468:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Conversion of file %s aborted (%s).",filename,err[statuscode-1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:590:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:642:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%d of %d file%s completed.",nfiles,k2gui_cbox->num_files,k2gui_cbox->num_files==1?"":"s");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:652:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)]," There w%s %d error%s--see log above.",
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:684:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s: %d of %d pages completed.",k2gui_cbox->filename,n,k2gui_cbox->num_pages);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:758:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(prbuf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:922:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,buttonlabel[i-1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_osdep.c:937:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buttontext,subid==0 ? "_up_" : "_down_");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_osdep.c:939:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buttontext,ud2text[subid]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_osdep.c:941:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buttontext,k2gui->control[controlid].label);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:306:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Creating overlay for %s...",k2gui_overlay->filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:473:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Error %d getting page %d of file %s.",statuscode,pagenum,filename);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:562:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s: %d of %d pages completed.",k2gui_overlay->filename,n,k2gui_overlay->num_pages);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:628:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(prbuf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:828:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(control->name,buttonlabel[i-1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:123:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(masterinfo->pageinfo.producer,"K2pdfopt %s",k2pdfopt_version);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1654:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(basename,"outpage%05d.%s",filecount+1,k2settings->jpeg_quality>0?"jpg":"png");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2871:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fgc,k2settings_color_by_index(k2settings->dst_fgcolor,
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2874:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bgc,k2settings_color_by_index(k2settings->dst_bgcolor,
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2897:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fgc,k2settings->dst_fgcolor);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2901:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bgc,k2settings->dst_bgcolor);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:222:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,buf2);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:94:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(initstr,tessnot);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:105:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(initstr,gocrnot);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:190:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ocrinitmessage,"Could not initialize any Tesseract threads.\n"
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:199:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(initstr,ocrinitmessage);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:205:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(initstr,ocrinitmessage);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:221:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(initstr,ocrinitmessage);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:262:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,ANSI_MAGENTA);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:263:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,datapath);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:265:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,ANSI_NORMAL);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:279:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label,"%s environment variable",var);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:287:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,label);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:290:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,color);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:291:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,string==NULL ? "(not set)" : string);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:293:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,ANSI_NORMAL);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:355:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Download of training file for language %s to folder %s failed. "
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:361:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"Download of training file for language %s to folder %s successful.",
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:403:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(otii->initstr,initstr);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:463:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[i],buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1298:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(box->pagelist,buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1366:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(k2settings->noteset.notes[index].pagelist,buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:423:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg2,message);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:195:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:501:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(src->dst_landscape_pages,dst->dst_landscape_pages);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:573:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmdopt,dst->src_paintwhite?"-wt+":"-wt");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:680:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srcval,dstval);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:694:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srcval,dstval);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:711:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srcval,dstval);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:117:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(date,__DATE__);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:124:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&cap[strlen(cap)],"%sDjVuLibre",cap[0]=='\0'?" (w/":",");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:127:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&cap[strlen(cap)],"%sOCR",cap[0]=='\0'?" (w/":",");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:141:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s,"k2pdfopt %s%s\r\n"
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:185:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
status=vsnprintf(buf,sizeof(buf),fmt,args);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1172:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pat2,"*%s*",pattern);
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:159:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,def);
data/k2pdfopt-2.53+ds/leptonica_mod/environ.h:561:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf(buf, size, ...) _snprintf_s(buf, size, _TRUNCATE, __VA_ARGS__)
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:351:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_uri, uri_base);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:352:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(new_uri, uri);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:1510:13: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (doc->crypt)
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:1572:27: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_drop_crypt(ctx, doc->crypt);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2095:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (doc->crypt)
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2096:28: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_crypt_obj(ctx, doc->crypt, x->obj, x->num, x->gen);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2303:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (doc->crypt)
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2305:34: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_crypt_version(ctx, doc->crypt),
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2306:35: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_crypt_revision(ctx, doc->crypt),
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2307:33: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_crypt_length(ctx, doc->crypt),
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:2308:33: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
pdf_crypt_method(ctx, doc->crypt));
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:3511:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(field_name, name_prefix);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:3516:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(field_name, name);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1485:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, tsv_str.string());
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1603:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&tutf8[it8],textstr.string());
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1823:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result, text.c_str());
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:197:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(istr,"%s",api->Version());
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:209:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&istr[strlen(istr)]," [%s",simdtype[i]);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:211:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&istr[strlen(istr)],"+%s",simdtype[i]);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:216:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&istr[strlen(istr)],"\n Tesseract data folder = '%s'",datapath==NULL?getenv("TESSDATA_PREFIX"):datapath);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:235:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&istr[strlen(istr)],"%s%s [%s]",i==0?"":", ",lang1->lang.string(),
data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.cpp:75:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(debugfp, format, args);
data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.cpp:77:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:116:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x_wlp_filename,wlp_filename);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:133:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wlp_filename,x_wlp_filename);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:159:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wlp_filename,filename);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:182:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(stdout,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:188:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(stderr,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:194:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(wlp_stream,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:204:20: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(wlp_file,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:227:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(f1,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:233:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(f2,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:253:16: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(f,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:282:16: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(ansi_buffer,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:290:20: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(ansi_buffer,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:294:20: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(f,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4148:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ansicode,bmp_color_name(r,g,b));
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4152:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ansicode,acodes[i]);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4155:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ansicode,ANSI_NORMAL);
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:301:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outline->title,miniexp_to_str(p));
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:353:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"DJVU File: %s\r\n\r\n%d total pages\r\n\r\n",filename,npages);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:204:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"CBZ File: %s\r\n\r\n%d total pages\r\n\r\n",filename,npages);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:126:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fl->dir,newdir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:136:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst->dir,src->dir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:231:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result->dir,set2->dir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:312:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new->dir,src1->dir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:989:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%s%c%s",&dir[i+1],SLASH,spec);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:990:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(spec,buf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1032:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(zipfileabs,zipfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1041:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(zipdir,fl->dir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1054:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(curdir,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1057:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"zip \"%s\" -@ < \"%s\" 1> z1.out 2> z1.err",zipfileabs,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1059:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"zip \"%s\" -@ < \"%s\" > /dev/null",zipfileabs,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1061:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1216:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(unique,wf.fullname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1272:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -C -v \"%s\" > \"%s\"",archfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1274:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -v \"%s\" > \"%s\"",archfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1277:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"7z l \"%s\" > \"%s\"",archfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1278:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1288:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fl2->dir,archfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1414:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(unique,entry->name);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1434:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(unique,wf->fullname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1573:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tname,pattern);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1717:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fl->dir,zipfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1720:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"7z l \"%s\" > \"%s\"",zipfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1723:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -C -v \"%s\" > \"%s\"",zipfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1725:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -v \"%s\" > \"%s\"",zipfile,tempname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1727:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1771:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,prepend);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1936:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,&buf[i]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1968:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dbuf,tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1976:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dbuf,tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2009:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,&buf[i]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2044:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dbuf,tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2052:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dbuf,tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2066:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,&buf[i]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2110:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fl->entry[fl->n].name,entry->name);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2265:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p,newname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2278:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p,newname);
data/k2pdfopt-2.53+ds/willuslib/linux.c:65:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,exename);
data/k2pdfopt-2.53+ds/willuslib/linux.c:75:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,p);
data/k2pdfopt-2.53+ds/willuslib/linux.c:81:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,basename);
data/k2pdfopt-2.53+ds/willuslib/linux.c:98:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/linux.c:109:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/linux.c:134:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,p);
data/k2pdfopt-2.53+ds/willuslib/linux.c:150:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,tfile);
data/k2pdfopt-2.53+ds/willuslib/math.c:261:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:267:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:277:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:299:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:312:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:361:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:367:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:376:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:389:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:401:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:473:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:479:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,notenough,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:490:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:512:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/math.c:526:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output,internal,filename);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:460:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst->text,src->text);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:854:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,word_swaps[i+1]);
data/k2pdfopt-2.53+ds/willuslib/ocrgocr.c:115:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2,buf);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:245:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(basename,"%s.traineddata",lang);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:269:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(httpurl,"%s/%s",url,urlbasename);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:324:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(envvar,"TESSDATA%s_URL",fast?"FAST":"");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:329:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(url,defurl,fast?"fast":"best");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:334:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(httpurl,!strnicmp(url,"http://",7)||!strnicmp(url,"https://",8)?"%s":"https://%s",
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:441:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&tessdebug[strlen(tessdebug)],"%s",header);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:450:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,fl->entry[j].name);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:463:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tessdebug,ANSI_YELLOW);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:465:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tessdebug,name);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:470:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tessdebug,ANSI_WHITE);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:476:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tessdebug,ANSI_NORMAL);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:479:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&tessdebug[strlen(tessdebug)],fmt,fl->entry[j].size/1024./1024.,
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:485:21: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tessdebug,ANSI_NORMAL);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1004:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d,s);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1010:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(d,s);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1080:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"WILLUS lib %s",willuslibversion());
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1086:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mdate,"D:%04d%02d%02d%02d%02d%02d%s",
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1699:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sentence->text,word[i].text);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2110:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oline->title,&buf[j]);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:125:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf->s,s);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:138:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf->s,s);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:155:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf->s,s);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:181:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sbuf->s,s);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:229:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:249:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:272:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:277:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf->s,buf);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:296:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:303:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf->s,buf);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:308:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sbuf2->s,buf);
data/k2pdfopt-2.53+ds/willuslib/string.c:275:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:370:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line1,"usage: %s",progname);
data/k2pdfopt-2.53+ds/willuslib/string.c:374:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,line1);
data/k2pdfopt-2.53+ds/willuslib/string.c:391:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,linen);
data/k2pdfopt-2.53+ds/willuslib/string.c:393:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,next);
data/k2pdfopt-2.53+ds/willuslib/string.c:413:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s,fmt,x);
data/k2pdfopt-2.53+ds/willuslib/string.c:466:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tbuf,m==size ? "%d%s":"%03d%s",m,i>0 ? "," : "");
data/k2pdfopt-2.53+ds/willuslib/string.c:467:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tbuf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:468:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,tbuf);
data/k2pdfopt-2.53+ds/willuslib/string.c:473:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tbuf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:474:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,tbuf);
data/k2pdfopt-2.53+ds/willuslib/string.c:512:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tbuf,fmt,i);
data/k2pdfopt-2.53+ds/willuslib/string.c:517:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tbuf,&t2[i]);
data/k2pdfopt-2.53+ds/willuslib/string.c:521:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tbuf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:522:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,tbuf);
data/k2pdfopt-2.53+ds/willuslib/string.c:528:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tbuf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:529:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,tbuf);
data/k2pdfopt-2.53+ds/willuslib/string.c:660:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:765:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nbuf,p);
data/k2pdfopt-2.53+ds/willuslib/string.c:813:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nbuf,p);
data/k2pdfopt-2.53+ds/willuslib/string.c:870:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dest,p);
data/k2pdfopt-2.53+ds/willuslib/string.c:915:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf,fmt,value);
data/k2pdfopt-2.53+ds/willuslib/string.c:924:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf,fmt,value);
data/k2pdfopt-2.53+ds/willuslib/string.c:1044:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
n=sscanf(buf,"%s %s %s",tok[0],tok[1],tok[2]);
data/k2pdfopt-2.53+ds/willuslib/string.c:1254:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,s);
data/k2pdfopt-2.53+ds/willuslib/string.c:1267:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2,&buf[j]);
data/k2pdfopt-2.53+ds/willuslib/token.c:119:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(allowed_white,s);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:318:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:326:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&dst[i+1],ext[0]=='.' ? &ext[1]:ext);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:330:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)],".%s",ext[0]=='.' ? &ext[1] : ext);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:344:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:384:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wptr->basename,fname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:442:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wptr->basename,fname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:524:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn2,filename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:732:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdbuf,"touch -t %02d%02d%02d%02d%02d.%02d \"%s\"",
data/k2pdfopt-2.53+ds/willuslib/wfile.c:736:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdbuf,"touch -t %02d%02d%02d%02d%02d.%02d %s",
data/k2pdfopt-2.53+ds/willuslib/wfile.c:739:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmdbuf);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1031:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(volume,volname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1037:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filesys,fs);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1081:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"bdf \"%s\" > \"%s\"",volume,tempname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1083:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"df -k \"%s\" > \"%s\"",volume,tempname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1085:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1280:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"which \"%s\" > \"%s\"",filename,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1281:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1293:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"file \"%s\" > \"%s\"",fullname,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1294:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1448:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newpath,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1618:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,&fullname[i2]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1628:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,&fullname[i2+i+1]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1631:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(basename,"..%c%s",SLASH,&fullname[i2+si]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1639:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,&fullname[i2+i+1]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1654:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(basename,&fullname[i2+si]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1738:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullname,spec);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1757:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cwd,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1760:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -C -o \"%s\" \"%s\" 1> nul 2> nul",path,spec);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1762:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -o \"%s\" \"%s\" > /dev/null",path,spec);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1764:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1799:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1817:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,ALLFILES);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1825:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst,ALLFILES);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1843:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1861:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cwd,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1862:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,filename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1870:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(expanded,filename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1893:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1980:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tpath,P_tmpdir);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1984:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,tpath);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1996:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir,p);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2001:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir,p);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2032:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(myprefix,prefix);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2039:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mydir,dir);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2059:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mydir,dir);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2089:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mydir,dir);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2094:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cwd,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2095:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tname,tempnam(mydir,prefix==NULL ? "" : prefix));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2123:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,wfile_tempname(NULL,NULL));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2344:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempname,wfile_tempname(NULL,NULL));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2359:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(theader,buf);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2564:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wptr->basename,d->d_name);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2710:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wptr->basename,ffb->ff_name);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2723:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wptr->basename,ffb->ff_name);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2831:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filespec,rf->initpath);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2843:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filespec,p->wf.basename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2847:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filespec,p->next->wf.basename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2993:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rf->path,wf->path);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2994:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rf->fullname,wf->fullname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2995:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rf->basename,wf->basename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2996:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rf->directory,rf->fullname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3150:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(curdir,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3151:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,filename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3158:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -j \"%s\" 1> nul 2> nul",fullname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3159:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3171:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,fl->entry[0].name);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3225:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(folder,getenv(envdir));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3248:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(folder,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3278:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(folder,&folderlist[j][k]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3328:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,locfullname);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:150:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argtemp,"-sOutputFile=%s",tempfile);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:152:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srcfile,filename);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:206:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argtemp,"-sOutputFile=%s",dstfile);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:214:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(argsrc,"%s",srcfile);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:389:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&cmd[strlen(cmd)],"\"%s\"",willusgs_name);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:391:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&cmd[strlen(cmd)]," \"%s\"",argv[i]);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:399:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status=system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wgui.c:221:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(message,"Cannot open %s!",filename);
data/k2pdfopt-2.53+ds/willuslib/wgui.c:228:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdopts,"/c start \"\" \"%s\"",filename);
data/k2pdfopt-2.53+ds/willuslib/willus.h:1133:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void wsys_system_version(char *system,char *_os,char *_chip,char *_compiler);
data/k2pdfopt-2.53+ds/willuslib/willus.h:1150:54: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int wsys_set_envvar(char *varname,char *value,int system);
data/k2pdfopt-2.53+ds/willuslib/win.c:109:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,exename);
data/k2pdfopt-2.53+ds/willuslib/win.c:238:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdline,"\"%s\" %s",exename,cmdlineopts);
data/k2pdfopt-2.53+ds/willuslib/win.c:318:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdline,"\"%s\"%s%s",exename,cmdlineopts[0]=='\0'?"":" ",
data/k2pdfopt-2.53+ds/willuslib/win.c:370:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdline,"\"%s\" %s",exename,cmdlineopts);
data/k2pdfopt-2.53+ds/willuslib/win.c:408:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmdline,"\"%s\" %s",exename,cmdlineopts);
data/k2pdfopt-2.53+ds/willuslib/win.c:672:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p,lbuf);
data/k2pdfopt-2.53+ds/willuslib/win.c:1582:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,p);
data/k2pdfopt-2.53+ds/willuslib/win.c:1598:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,tfile);
data/k2pdfopt-2.53+ds/willuslib/win.c:1615:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename,exename);
data/k2pdfopt-2.53+ds/willuslib/win.c:1625:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path,p);
data/k2pdfopt-2.53+ds/willuslib/win.c:1637:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,basename);
data/k2pdfopt-2.53+ds/willuslib/win.c:1648:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/win.c:1656:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/win.c:1665:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/win.c:1673:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exactname,file);
data/k2pdfopt-2.53+ds/willuslib/win.c:1713:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest,filename);
data/k2pdfopt-2.53+ds/willuslib/win.c:1723:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dest,ext);
data/k2pdfopt-2.53+ds/willuslib/win.c:1873:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(syscmd);
data/k2pdfopt-2.53+ds/willuslib/win.c:2219:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newkeyname,"%s\\%s",keyname,valuename);
data/k2pdfopt-2.53+ds/willuslib/win.c:2407:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absname,linkname);
data/k2pdfopt-2.53+ds/willuslib/win.c:2616:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(basename,p);
data/k2pdfopt-2.53+ds/willuslib/win.c:2628:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"\"%s\" \"%s\"",newexe,exename);
data/k2pdfopt-2.53+ds/willuslib/win.c:2630:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)]," %s",cmdline);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:154:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(host,&lurl[7]);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:156:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(host,&lurl[8]);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:158:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(host,lurl);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:159:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,dstname);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:164:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(url,&host[i]);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:346:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpbuf,"wget --no-check-certificate --tries=1 -O \"%s\" \"%s\"",dstname,lurl);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:352:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpbuf,"curl --connect-timeout 15 -o \"%s\" \"%s\"",dstname,lurl);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:683:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmb->class,classname);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:78:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(message,"Cannot find application to open %s!",filename);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:264:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(moddate,"D:%04d%02d%02d%02d%02d%02d%s",
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:683:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,k==0 ? " m" : " l");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:689:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)]," /%s Do Q\n",xobject_name(box->srcbox.pageno));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:697:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(bigbuf,buf);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:832:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&buf[strlen(buf)],fmt,neg ? -x : x);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1728:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->title,fzoutline->title);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:56:5: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
} crypt;
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:298:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label2,"%s:",label);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:299:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label3,"%-16s",label2);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:338:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"FILE SIZE: %.1f kB (%s bytes)\n",sz/1024.,sizecommas);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1254:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1282:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dst,"%d-%s-%04d %d:%02d:%02d",date,mname[(month-1)%12],year,hour,minute,second);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1286:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)]," GMT%s",&src[i]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1288:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&dst[strlen(dst)]," %s",&src[i]);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:61:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void wsys_system_version(char *system,char *_os,char *_chip,char *_compiler)
data/k2pdfopt-2.53+ds/willuslib/wsys.c:204:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(compname,"%s %s",compiler[ccode],compiler_version);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:206:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(compname,compiler[ccode]);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:207:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system!=NULL)
data/k2pdfopt-2.53+ds/willuslib/wsys.c:208:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(system,"%s, %s, %s",os[oscode],chip[chipcode],compname);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:208:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sprintf(system,"%s, %s, %s",os[oscode],chip[chipcode],compname);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:210:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_os,os[oscode]);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:212:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_chip,chip[chipcode]);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:214:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_compiler,compname);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:555:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int wsys_set_envvar(char *varname,char *value,int system)
data/k2pdfopt-2.53+ds/willuslib/wsys.c:579:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(estr,"%s=%s",varname,value);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:585:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system)
data/k2pdfopt-2.53+ds/willuslib/wsys.c:727:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(syscmd,cmd);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:731:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(syscmd,stdoutfile==NULL?nullname:stdoutfile);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:737:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(syscmd,stderrfile==NULL?nullname:stderrfile);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:740:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status=system(syscmd);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:87:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,&filename[strlen(subarch)+1]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:119:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newarch,pathname);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:135:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(archname_full,archfile);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:140:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cwd,wfile_get_wd());
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:143:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"7z -r e \"%s\" \"%s\" 1> nul 2> nul",archname_full,file_to_extract);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:146:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -C -o -j \"%s\" \"%s\" 1> nul 2> nul",archname_full,file_to_extract);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:148:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cmd,"unzip -o -j \"%s\" \"%s\" 1> nul 2> nul",archname_full,file_to_extract);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:150:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:224:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subarch,fl->entry[i].name);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:330:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:337:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst,compressed_exts[i]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:349:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst,src);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:357:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst,uncompressed_exts[i]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:413:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mode2,modestd);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:730:16: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
status=vsprintf(wzbuffer,fmt,args);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:738:12: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status=vfprintf(wz->f,fmt,args);
data/k2pdfopt-2.53+ds/k2pdfopt.c:113:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strbuf_cpy(env,getenv("K2PDFOPT"));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:672:45: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (k2settings->dst_ocr=='t' && getenv("TESSDATA_PREFIX")!=NULL)
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:679:38: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
wfile_fullname(tdir1,getenv("TESSDATA_PREFIX"),"tessdata");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:193:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv("TESSDATA_PREFIX")==NULL?"(not assigned)":getenv("TESSDATA_PREFIX"));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:193:71: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv("TESSDATA_PREFIX")==NULL?"(not assigned)":getenv("TESSDATA_PREFIX"));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:280:39: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
k2ocr_status_line(buf,color,label,getenv(var));
data/k2pdfopt-2.53+ds/leptonica_mod/dewarp2.c:493:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(3);
data/k2pdfopt-2.53+ds/leptonica_mod/dewarp2.c:495:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(3); /* use the same colors for text and reference lines */
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:161:9: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
return realpath(path, buf);
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:1199:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(*seed);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:216:85: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sprintf(&istr[strlen(istr)],"\n Tesseract data folder = '%s'",datapath==NULL?getenv("TESSDATA_PREFIX"):datapath);
data/k2pdfopt-2.53+ds/willuslib/array.c:334:13: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned)time(NULL)); /* seed the random number generator */
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2136:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("PATH");
data/k2pdfopt-2.53+ds/willuslib/linux.c:71:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("PATH");
data/k2pdfopt-2.53+ds/willuslib/linux.c:130:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("PATH");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:325:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv(envvar);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:510:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p=getenv("TESSDATA_PREFIX"))==NULL)
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:513:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("USERPROFILE");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:515:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("HOME");
data/k2pdfopt-2.53+ds/willuslib/string.c:867:39: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (envvar[0]!='\0' && (p=getenv(envvar))!=NULL)
data/k2pdfopt-2.53+ds/willuslib/wfile.c:359:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
return(getenv(envvar));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1994:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("TEMP");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1999:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("TMP");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2044:12: [3] (tmpfile) GetTempFileName:
Temporary file race condition in certain cases (e.g., if run as SYSTEM in
many versions of Windows) (CWE-377).
status=GetTempFileName(mydir,myprefix,0,tname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2077:9: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
tmpnam(tname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2095:22: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
strcpy(tname,tempnam(mydir,prefix==NULL ? "" : prefix));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3223:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (envdir!=NULL && getenv(envdir)!=NULL)
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3225:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcpy(folder,getenv(envdir));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3227:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
wfile_basepath(folder,getenv(envdir));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3372:13: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
if (LoadLibrary(fullname)==NULL)
data/k2pdfopt-2.53+ds/willuslib/wgs.c:253:13: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
if (LoadLibrary(willusgs_name)!=NULL)
data/k2pdfopt-2.53+ds/willuslib/wgs.c:309:22: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
willusgs_lib=LoadLibrary(willusgs_name);
data/k2pdfopt-2.53+ds/willuslib/win.c:159:12: [3] (misc) AddAccessAllowedAce:
This doesn't set the inheritance bits in the access control entry (ACE)
header (CWE-732). Make sure that you set inheritance by hand if you wish it
to inherit.
status=AddAccessAllowedAce(acl,ACL_REVISION,-1,sid);
data/k2pdfopt-2.53+ds/willuslib/win.c:1578:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("PATH");
data/k2pdfopt-2.53+ds/willuslib/win.c:1621:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("PATH");
data/k2pdfopt-2.53+ds/willuslib/win.c:2015:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("USERPROFILE");
data/k2pdfopt-2.53+ds/willuslib/win.c:2607:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv("USERNAME");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:572:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
estr=getenv(varname);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:650:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
p=getenv(varname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:94:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,bmp->width*bpp);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:133:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen("hist.ep","w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:140:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen("rowcount.ep","w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:569:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rc2,rowcount,sizeof(int)*(bbox->r2+1));
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:647:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("textrows.ep",append==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:840:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c,rc,n*sizeof(int));
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:849:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("tr2.ep",append?"a":"w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:893:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pngfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:898:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pngfile,"word%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:900:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pngfile,"word%04d.txt",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:901:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(pngfile,"w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:1334:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("rthresh.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:1771:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:1777:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"reg%03d.png",rn);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:1834:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:1835:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname,"row%04d.png",count+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:2013:4: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xx=fopen("rowgaps.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:2069:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("outbp.ep",a==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/bmpregion.c:2190:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen("rowgaps2.ep",c2==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:329:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("inf.ep","a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:564:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("inf.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1252:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1253:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"src%03d.png",(count+1)/2);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1255:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("hist.ep",count==1?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1449:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1457:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"page%03d.png",(pageno+1)/2);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1600:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1601:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"bmp%04d.png",count0);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1648:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("acrosswidth.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2bmp.c:1703:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("acrossheight.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:102:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:164:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:191:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512+64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char original_file[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:267:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:435:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:436:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char markedfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rotstr[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initstr[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:625:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(k2settings->tocsavefile,tocwrites==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:749:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bmpfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1072:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cdate[128],author[256],title[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1261:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pname[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1264:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pname,"cover page");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1266:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pname,"page %d",pageno);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abs1[512],abs2[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mfmt[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1303:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(basename,"%s%04d_k2opt.png");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1305:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(basename,"%s%04d_k2opt.jpg");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1307:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(basename,"%s%04d_k2opt.jpeg");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1313:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1316:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempstr,"_marked");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1322:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt_noext[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1327:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fmt_noext,"_marked.");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1350:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1360:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[MAXFILENAMELEN+10];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1390:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basespec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1392:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basebasespec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1393:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xfmt[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1402:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%s%04d.png");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1404:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%s%04d.jpg");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1406:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%s%04d.jpeg");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1416:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&ext[-1],"%04d.");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1420:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fmt,"%04d");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1519:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1520:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1620:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newname,".pdf");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1632:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1634:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1643:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newbase[356];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1644:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1689:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1695:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Chapter %d",i+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1820:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcfilename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcfilename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2024:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char covfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2120:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pageno=atoi(&covfile[ib+1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2130:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pageno=atoi(k2settings->dst_coverimage);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envvar[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:203:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envvar,"K2PDFOPT_CUSTOM%d",index);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:206:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envvar,"Custom &%d",index);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:241:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d %d %d %d",rect.left,rect.top,rect.right,rect.bottom);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:310:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envname[32],buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:312:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envname,"K2PDFOPT_CUSTOM%d",i+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envname[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:332:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envname,"K2PDFOPT_CUSTOM%d",index);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char customname[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:381:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envname[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:403:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envname,"K2PDFOPT_CUSTOM%d",index);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:835:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:921:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:924:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->preview_page=atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:927:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",k2settings->preview_page);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:935:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:964:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:970:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currlang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:980:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deflang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:988:33: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(k2settings->dst_ocr_lang,"-fast");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1028:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cbindex=atoi(&control->name[strlen(control->name)-1])-1;
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1059:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1069:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1074:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->nthreads = -atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1079:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->nthreads = atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1160:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1166:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deflang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1177:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(lang,"-fast");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1255:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1292:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1315:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optpagelist[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1342:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(optpagelist,
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1402:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(k2settings->dst_opname_format,"%s_k2opt");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1411:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foldername[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1417:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1418:29: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(basename,"%b_k2opt");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1478:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1488:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",k2settings->preview_page);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1499:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1500:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1513:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%d");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1522:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%d");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1531:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%d");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1540:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%d");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1549:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%.1f");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1558:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%.1f");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1577:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inew = atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1702:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1843:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1854:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[MAXFILENAMELEN+128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1857:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2027:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2042:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2083:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2104:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(filename,"w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2117:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envname[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2121:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(envname,"K2PDFOPT");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2123:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(envname,"K2PDFOPT_CUSTOM%d",i);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2163:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2218:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2220:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"K2PDFOPT_CUSTOM%d",i);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2247:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2256:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foldername[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2416:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"File list");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2419:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"File list");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2450:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *button_label[5]={"&INFO","VIEW","&ADD FILE","ADD FOLDER","&REMOVE ITEM"};
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2543:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *cah[1]={"(Press and hold to save.)"};
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2588:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"Device");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2599:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Device:");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2614:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2646:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2680:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",(int)(k2settings->dst_userwidth+.5));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2682:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.2f",k2settings->dst_userwidth);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2687:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",(int)(k2settings->dst_userheight+.5));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2689:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.2f",k2settings->dst_userheight);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2692:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",k2settings->dst_userdpi);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2754:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"Mode");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2765:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Conversion Mode:");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2833:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"previewwin");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2881:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"previewpage");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2902:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2906:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",k2settings->preview_page);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2946:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *bname[3]={"_magminus_","_magplus_","_fitpage_"};
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3043:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foldername[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3098:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"opclear");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3099:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Clear");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3103:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"opselect");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3104:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Select");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3184:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3215:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",(int)k2settings->max_columns);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3218:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.1f",k2settings->dst_display_resolution);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3266:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3304:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Select");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langsel[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3448:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"ocrlang");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3450:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"OCR lang: ");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3669:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xbuf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3703:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"linebreakval");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3705:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"landscapepages");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3707:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"opfontsizeval");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3709:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"nthreads");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3712:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"CPUs");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3730:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xbuf,"%.3f",fabs(k2settings->word_spacing));
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3737:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3738:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.1f",k2gui->opfontsize);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3744:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xbuf,"%d%%",-k2settings->nthreads);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3746:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xbuf,"%d",k2settings->nthreads);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3770:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"ocrfast");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3771:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->label,"Fast");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3778:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3877:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3921:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmtstr[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3924:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmtstr,"%.2f%s");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3926:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmtstr,"%.3f%s");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3941:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4247:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2conv->k2settings.preview_page = atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4265:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(k2conv->k2settings.pagelist,"%d",pn);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4382:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4843:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:348:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buttonlabel[3];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:349:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[3][32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:352:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[0],"Close");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:575:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f1[512],f2[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:588:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:661:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf," Conversion completed!");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:663:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf," All conversions completed!");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:672:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN+80]; /* More room, v2.22 */
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prbuf[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:907:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"k2pdfopt output");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_osdep.c:902:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buttontext[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:247:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buttonlabel[3];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:248:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[3][32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:253:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[0],"Cancel");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:261:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[0],"Close");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:269:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[0],"&Set Crop Region");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:270:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[1],"&Reset Region to Entire Page");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:271:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf[2],"&Cancel");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[320];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:297:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filename=(char *)ptrs[0];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:298:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pagelist=(char *)ptrs[1];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:482:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:550:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN+80]; /* More room, v2.22 */
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:622:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prbuf[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:789:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"k2pdfopt output");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:798:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(control->name,"bitmapwin");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c:39:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"outsrc%02d.png",count++);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c:54:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mark.c:294:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num,"%d",nval);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:104:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(masterinfo->debugfolder,"k2_dst_dir");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:443:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rotstr,"(custom rotation) ");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:452:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rotstr,"(custom rotation) ");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:912:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,srcbytewidth);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:936:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:938:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"tmp%03d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:941:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"mst%03d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1208:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1572:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bmp_rowptr_from_top(bmp1,i)+bw1,bmp_rowptr_from_top(&masterinfo->bmp,i),bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1650:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1651:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opbmpfile[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1664:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(basename,"wordlist%05d.txt",filecount+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1665:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(basename,"w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:1975:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2111:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,dx);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2334:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2338:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"master%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2742:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pdffile[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fgc[128],bgc[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2mem.c:32:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char *wmptr[16384];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:89:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:94:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt[8];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:217:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:220:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf2,".pdf");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:675:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tdir1[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:676:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tdir[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:686:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base1[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:687:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:698:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:707:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i=atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:973:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initstr[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:74:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ocrinitmessage[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char logfilename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:178:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ocrinitmessage,"Tesseract initialized (no init message returned).");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:217:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ocrinitmessage,"GOCR v0.50 OCR Engine");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langdef[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char color[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datapath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ocrurl[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:260:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"\nContents of ");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:266:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,":\n");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:268:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"* - LSTM = \"Long Short-Term Memory\" training data.\n"
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:288:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,": ");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:310:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datapath[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:316:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:381:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initstr[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:436:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lines[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:438:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:450:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(k2ocr_logfile,"r");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:525:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:526:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"ocrwords_fill_in_%04d.png",++ifr);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:688:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:711:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,bmp->width);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:713:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"ocr_region_%04d.png",iregion+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:773:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pdffile[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:805:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("chars.ep","w");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:838:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("chars.ep","a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:858:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:860:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"bmp%03d.png",count+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:888:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("words.ep",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:121:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64]; \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:324:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->preview_page=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:633:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:778:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->ocr_dpi=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:804:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->ocr_max_columns=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:950:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->dewarp=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:970:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->src_rot=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1041:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->jpeg_quality=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1161:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->dst_justify=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1260:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1329:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1431:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2settings->debug=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1519:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1577:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1608:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1625:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*dstval)=atoi(cl->cmdarg);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pagelist[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pagelist[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:259:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char show_usage[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_fgcolor[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_bgcolor[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ocrout[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:282:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_ocr_lang[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_landscape_pages[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_opname_format[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:368:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pagelist[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:369:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pagexlist[1024]; /* exclude these pages */
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bpl[2048]; /* Page break list--see -bpl option */
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toclist[2048];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:373:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tocsavefile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_author[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_title[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:430:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_coverimage[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:676:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcfilename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ocrfilename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:712:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugfolder[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2pdfopt.h:1231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:450:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:451:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"notes%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:453:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"main%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1338:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1340:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"atomic%04d.png",count++);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1400:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,nc*bpp);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1474:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1476:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"fig%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1488:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2proc.c:1490:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"fig%04dr.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2publish.c:158:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2publish.c:195:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2publish.c:204:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"out%02d.png",count++);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:102:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(k2settings->dst_opname_format,"%s_k2opt");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:392:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:399:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"De-warping (-dw) is disabled by native mode output.");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:405:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"You have specified -odpi, -mag, or -fs. This may not "
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:410:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf," in the \"Additional Options\" box");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:421:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg2[512];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:424:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg2," (You can disable this message by specifying -y");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:427:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg2," in the \"Additional Options\" box");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:429:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg2,".)");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:1001:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char x[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:79:4: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xx=fopen("slog.txt",count==0?"w":"a");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:336:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modifier[2];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdopt[8];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:900:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt2[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:901:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(opt2,"-%cb",opt[1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:903:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(opt2,"-%ct",opt[1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:905:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(opt2,"-%cl",opt[1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:907:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(opt2,"-%cr",opt[1]);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:97:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cap[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k2pdfopt_os[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k2pdfopt_chip[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k2pdfopt_compiler[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap," (w/MuPDF");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:130:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap," (Ghostscript only)");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pat2[64];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/k2pdfoptlib/pagelist.c:312:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/k2pdfoptlib/pagelist.c:354:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*n1)=atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/pagelist.c:384:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*n2)=atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/textwords.c:116:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gap_sorted,gap,n*sizeof(double));
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:101:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(buf)<min || atoi(buf)>max)
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:101:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(buf)<min || atoi(buf)>max)
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:106:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*dstval)=atoi(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/k2pdfopt-2.53+ds/k2pdfoptlib/userinput.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:180:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:181:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"out%05d.png",bcount++);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:214:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:297:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:315:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:346:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:347:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"result%03d.png",rcount++);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:496:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:497:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"wrapbmp_region_%04d.png",++count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:630:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bmp_rowptr_from_top(bmp,i),bmp_rowptr_from_top(&wrapbmp->bmp,i)+bpp*c0,bw);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:638:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:639:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"be%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:641:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"ae%04d.png",count);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:800:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:806:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"wrectmap%04d.png",index);
data/k2pdfopt-2.53+ds/k2pdfoptlib/wrapbmp.c:850:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,x2-x1+1);
data/k2pdfopt-2.53+ds/leptonica_mod/dewarp2.c:844:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/leptonica_mod/dewarp2.c:1717:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/leptonica_mod/leptwin.c:358:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (bm.bmBits, data, imageBitsSize);
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:12:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:33:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->buffer, state->chain->rp, n);
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:71:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->buffer, state->chain->rp, n);
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->ranges, ranges, nranges * sizeof(*ranges));
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:163:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:184:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->buffer, state->chain->rp, n);
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:226:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stm->wp, state->chain->rp, n);
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:395:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:503:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:633:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:731:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:777:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[16];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:779:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bp[16];
data/k2pdfopt-2.53+ds/mupdf_mod/filter-basic.c:781:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontface[MAX_FACENAME];
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontpath[MAX_PATH];
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:281:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, source, sourcelen);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szTemp[MAX_FACENAME * 2];
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:364:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
makeFakePSName(char szName[MAX_FACENAME], const char *szStyle)
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szPSName[MAX_FACENAME] = { 0 };
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szTTName[MAX_FACENAME] = { 0 };
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szStyle[MAX_FACENAME] = { 0 };
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:386:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szCJKName[MAX_FACENAME] = { 0 };
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:561:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szPathUtf8[MAX_PATH], *fileExt;
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:607:3: [2] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
wcscat(szFontDir,L"\\Fonts\\*.?t?");
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:714:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cjkName[MAX_FACENAME];
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:715:7: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
if (MultiByteToWideChar(936, MB_ERR_INVALID_CHARS, fontname, -1, cjkNameW, nelem(cjkNameW)) &&
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:68:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "uni%04X", unicode);
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[sizeof(font->name)];
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:1815:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:1825:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "uni%04X.sc", unicode);
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:2017:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void fz_font_digest(fz_context *ctx, fz_font *font, unsigned char digest[16])
data/k2pdfopt-2.53+ds/mupdf_mod/font.c:2026:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, font->digest, 16);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:809:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[40];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1648:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_parse_default_appearance(fz_context *ctx, const char *da, const char **font, float *size, float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1648:69: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_parse_default_appearance(fz_context *ctx, const char *da, const char **font, float *size, float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100], *p = buf, *tok, *end;
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1701:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_print_default_appearance(fz_context *ctx, char *buf, int nbuf, const char *font, float size, const float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1701:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_print_default_appearance(fz_context *ctx, char *buf, int nbuf, const char *font, float size, const float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1710:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_annot_default_appearance(fz_context *ctx, pdf_annot *annot, const char **font, float *size, float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1722:75: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pdf_set_annot_default_appearance(fz_context *ctx, pdf_annot *annot, const char *font, float size, const float color[3])
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char frag[256];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char asciiname[1024];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-parse.c:251:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, srcptr, srclen);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:621:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:140:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:140:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:140:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:142:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wpath[PATH_MAX];
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:143:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wbuf[PATH_MAX];
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:145:7: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
if (!MultiByteToWideChar(CP_UTF8, 0, path, -1, wpath, PATH_MAX))
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:159:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:159:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:159:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fz_realpath(const char *path, char buf[PATH_MAX])
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[40];
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:241:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, fmt, n);
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[10];
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:520:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(s);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:249:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, &device.oclDeviceID, sizeof(cl_device_id));
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:986:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pagename[MAX_PATH];
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1058:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char page_str[kMaxIntSize];
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1167:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (FILE* file = fopen(filename, "rb")) {
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1281:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(kOldVarsFile, "wb");
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:2700:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(int_features, &cn_features[0], *num_features * sizeof(cn_features[0]));
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_new, data, sizeof(T) * current_size);
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:377:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(filename, "rb");
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:422:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(filename.string(), "wb");
data/k2pdfopt-2.53+ds/tesseract_mod/openclwrapper.h:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mckKernelName[150];
data/k2pdfopt-2.53+ds/tesseract_mod/openclwrapper.h:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mArryKnelSrcFile[MAX_CLFILE_NUM]
data/k2pdfopt-2.53+ds/tesseract_mod/params.cpp:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_PATH]; // input line
data/k2pdfopt-2.53+ds/tesseract_mod/params.cpp:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/tesseract_mod/serialis.cpp:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(*data_)[0], data, size);
data/k2pdfopt-2.53+ds/tesseract_mod/serialis.cpp:289:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &(*data_)[offset_], required_size);
data/k2pdfopt-2.53+ds/tesseract_mod/serialis.h:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tfile_filename[512];
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char original_locale[256];
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char istr[1024];
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:217:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(istr,"\n Tesseract languages: ");
data/k2pdfopt-2.53+ds/tesseract_mod/tessdatamanager.cpp:151:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entries_[type][0], data, size);
data/k2pdfopt-2.53+ds/tesseract_mod/tessdatamanager.cpp:243:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entries_[TESSDATA_VERSION][0], v_str.data(), v_str.size());
data/k2pdfopt-2.53+ds/tesseract_mod/tessdatamanager.cpp:255:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename.string(), "rb");
data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp:54:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path.string(), "rb")) != nullptr) {
data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp:60:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path.string(), "rb")) != nullptr) {
data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp:149:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* params_file = fopen(tessedit_write_params_to_file.string(), "wb");
data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.cpp:66:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debugfp = fopen(debug_file_name, "wb");
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unichar[UNICHAR_LEN + 1];
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:353:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(filename, "w+b");
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:391:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(filename, "rb");
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:981:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char representation[UNICHAR_LEN + 1];
data/k2pdfopt-2.53+ds/willuslib/ansi.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ansi_buffer[MAXSIZE];
data/k2pdfopt-2.53+ds/willuslib/ansi.c:95:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char wlp_filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ansi.c:104:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char x_wlp_filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ansi.c:135:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wlp_file=fopen(wlp_filename,"a");
data/k2pdfopt-2.53+ds/willuslib/ansi.c:163:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wlp_file=fopen(wlp_filename,append ? "a" : "w");
data/k2pdfopt-2.53+ds/willuslib/ansi.c:200:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wlp_file=fopen(wlp_filename,"a");
data/k2pdfopt-2.53+ds/willuslib/ansi.c:331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[10];
data/k2pdfopt-2.53+ds/willuslib/ansi.c:365:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
args[nargs++]=atoi(nbuf);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:383:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
args[nargs++]=atoi(nbuf);
data/k2pdfopt-2.53+ds/willuslib/ansi.c:506:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/k2pdfopt-2.53+ds/willuslib/array.c:149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)dst,(void *)src,n*sizeof(double));
data/k2pdfopt-2.53+ds/willuslib/array.c:353:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
base = atoi(loadtype[5]=='_' ? &loadtype[6] : &loadtype[5]);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileext[16];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[4];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[54];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[54];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:513:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[8];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:611:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char *g_pngdata[MAXPNGTHREADS];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:652:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,&g_pngdata[i][g_pngindex[i]],nbytes);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:677:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[8];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->red,src->red,256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1455:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->green,src->green,256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1456:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->blue,src->blue,256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1463:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdst,psrc,bpr);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1654:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->data,src->data,src->height*bmp_bytewidth(src));
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1655:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->red,src->red,sizeof(int)*256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1656:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->green,src->green,sizeof(int)*256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->blue,src->blue,sizeof(int)*256);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileext[16];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1806:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileext[16];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[20];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1881:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[20];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1884:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char palette[1024];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:2006:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[20];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3332:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char newval[256];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3375:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char newval[256];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3517:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *p[3];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3780:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4146:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ansicode[32];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4717:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4718:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"unrotated%05d.png",rpc);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4726:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"rotated%05d_%03ddeg.png",rpc,(int)(rotdeg*100.));
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4887:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdest,psrc,dbw);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4974:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[32];
data/k2pdfopt-2.53+ds/willuslib/bmp.c:4995:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return(atoi(numbuf));
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:303:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
outline->srcpage=outline->dstpage=atoi(miniexp_to_str(p2)+1)-1;
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:375:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],"Page %3d of %3d: ",pageno+1,npages);
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:379:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],"No info available.\r\n");
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:385:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],"%.2f x %.2f in, %d dpi\r\n",width_in,height_in,dpi);
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:241:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],"Page %3d of %3d: ",pageno,npages);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:245:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"No info available.\r\n");
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:251:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],"%.2f x %.2f in,",(double)image->w/xres,(double)image->h/yres);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:253:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)]," %d dpi\r\n",xres);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:255:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)]," %d x %d dpi\r\n",xres,yres);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:365:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,p,bmp->width);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:385:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,p,ncomp-1);
data/k2pdfopt-2.53+ds/willuslib/dtcompress.c:70:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[COMPRESS_CHUNK];
data/k2pdfopt-2.53+ds/willuslib/dtcompress.c:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[COMPRESS_CHUNK];
data/k2pdfopt-2.53+ds/willuslib/dtcompress.c:183:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h->in+h->strm.avail_in,buf,n);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:81:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:118:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:119:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:147:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:168:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:834:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return((s[i]>='0' && s[i]<='9') ? atoi(&s[i]) : -1);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:847:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return(atoi(&s[i+1]));
data/k2pdfopt-2.53+ds/willuslib/filelist.c:965:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:966:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char spec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:967:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nullstr[1];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:968:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *io[2];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *eo[1];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:980:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN+32];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1016:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zipfileabs[512];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1017:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zipdir[512];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1018:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curdir[512];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1019:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfile[512];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1019:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
char tmpfile[512];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1020:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[1064];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1043:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_abstmpnam(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1044:25: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_make_absolute(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1045:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(tmpfile,"w");
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1045:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
f=fopen(tmpfile,"w");
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1048:66: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
nprintf(out,"make zipfile: Cannot open temp file %s.\n",tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1057:73: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
sprintf(cmd,"zip \"%s\" -@ < \"%s\" 1> z1.out 2> z1.err",zipfileabs,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1059:65: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
sprintf(cmd,"zip \"%s\" -@ < \"%s\" > /dev/null",zipfileabs,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1063:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_remove_utf8(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newdir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unique[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[MAXFILENAMELEN+128];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archdir1[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1300:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entryname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1301:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1308:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempdir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1309:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1310:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temparch[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1321:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archdir2[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1322:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archfullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1363:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1364:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1393:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unique[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1432:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unique[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1572:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1680:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1697:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.1f",entry->size);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1713:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[256];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1714:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[384];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[356];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1849:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1896:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*day)=atoi(tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1903:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*hour)=atoi(tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1904:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*minute)=atoi(&tbuf[3]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1909:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*year)=atoi(tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1918:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*day)=atoi(&tbuf[8]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1919:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*month)=atoi(&tbuf[5]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1920:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*year)=atoi(tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1928:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*hour)=atoi(tbuf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1929:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*minute)=atoi(&tbuf[3]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1930:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*second)=atoi(&tbuf[6]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1955:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1956:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2023:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2024:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2179:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2203:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wild1[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2213:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2561:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2573:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(arfile,"rb");
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2594:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newpos=atoi(buf)+68;
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2611:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
slen=atoi(buf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2632:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
index=atoi(&buf[1]);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2651:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t=(time_t)atoi(buf);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2658:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entry->size=atoi(buf);
data/k2pdfopt-2.53+ds/willuslib/fontrender.c:848:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fontrender_size=atoi(&s[i+3])*fontrender_pixels_per_point;
data/k2pdfopt-2.53+ds/willuslib/linux.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/linux.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[4096];
data/k2pdfopt-2.53+ds/willuslib/linux.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[4096];
data/k2pdfopt-2.53+ds/willuslib/linux.c:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[4096];
data/k2pdfopt-2.53+ds/willuslib/linux.c:121:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[4096];
data/k2pdfopt-2.53+ds/willuslib/linux.c:122:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[1024];
data/k2pdfopt-2.53+ds/willuslib/linux.c:123:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[1024];
data/k2pdfopt-2.53+ds/willuslib/linux.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tfile[512];
data/k2pdfopt-2.53+ds/willuslib/math.c:215:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/k2pdfopt-2.53+ds/willuslib/math.c:226:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/math.c:272:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/math.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/k2pdfopt-2.53+ds/willuslib/math.c:335:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/math.c:371:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/math.c:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/k2pdfopt-2.53+ds/willuslib/math.c:438:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/math.c:485:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/mem.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fname[MAXPTRS][32];
data/k2pdfopt-2.53+ds/willuslib/mem.c:65:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen("allocs.dat","w");
data/k2pdfopt-2.53+ds/willuslib/mem.c:196:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/k2pdfopt-2.53+ds/willuslib/mem.c:311:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newptr,(*ptr),newsize);
data/k2pdfopt-2.53+ds/willuslib/mem.c:322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[64];
data/k2pdfopt-2.53+ds/willuslib/mem.c:326:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label,"!!Bad SRA!! oldptr=%p ",(*ptr));
data/k2pdfopt-2.53+ds/willuslib/mem.c:397:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newptr,(*ptr),oldsize);
data/k2pdfopt-2.53+ds/willuslib/mem.c:414:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[80];
data/k2pdfopt-2.53+ds/willuslib/mem.c:419:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label,"!!Bad RRA!! oldptr=%p,oldsize=%d ",(*ptr),(int)oldsize);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:161:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,bmp->width);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:466:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->cpos,src->cpos,sizeof(double)*src->n);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:534:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(filename,append ? "a":"w");
data/k2pdfopt-2.53+ds/willuslib/ocr.c:1058:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,append?"a":"w");
data/k2pdfopt-2.53+ds/willuslib/ocr.c:1112:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/k2pdfopt-2.53+ds/willuslib/ocr.c:1116:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename,"word_%02d_%03d.png",count,index);
data/k2pdfopt-2.53+ds/willuslib/ocrgocr.c:100:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,w);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:173:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langdef[32];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:240:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tesspath0[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[128];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:242:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char httpurl[512];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tesspath0[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[128];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:259:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urlbasename[128];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:320:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char httpurl[512];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envvar[64];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langdef[16];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:349:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tesspath0[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:374:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildcard[MAXFILENAMELEN+32];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:378:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tesspath0[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:385:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *month_name[12]={"JAN","FEB","MAR","APR","MAY","JUN","JUL","AUG","SEP","OCT","NOV","DEC"};
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:444:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:445:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:446:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:471:21: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tessdebug," [Def]");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path1[MAXFILENAMELEN-12];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:559:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"rb");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:760:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,w);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:789:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,bmp->width*bmp->height);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:876:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,src,w);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[256];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:944:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(tempfile,"r");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1007:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d,"https://github.com");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1009:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(d,"/tesseract-ocr/tessdata/");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1016:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&d[j],"/raw/");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1035:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortname[16];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1059:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char langname[56];
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:1060:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortname[32];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:403:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cline[73];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1012:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[10];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1013:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1014:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mdate[128];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1015:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[256];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1028:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nbuf,"%6d",i+1);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1035:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nbuf,"%% ");
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1128:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nbuf,"%6d",icat);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1226:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
np=atoi(&buf[ip+strlen(kwords[i])]);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[64];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1358:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nbuf,"%d",len);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1777:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rotbuf[48];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1811:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rotbuf,"%.4f 0 0 1",arat);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1813:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rotbuf,"0 %.4f -1 0",arat);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1821:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rotbuf,"%.3f %.3f %.3f %.3f",costh*arat,sinth*arat,-sinth,costh);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2082:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2107:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oline->srcpage=atoi(&buf[i])-1;
data/k2pdfopt-2.53+ds/willuslib/string.c:273:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/k2pdfopt-2.53+ds/willuslib/string.c:280:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*n1)=(*n2)=atoi(buf);
data/k2pdfopt-2.53+ds/willuslib/string.c:289:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*n1)=atoi(buf);
data/k2pdfopt-2.53+ds/willuslib/string.c:292:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*n2)=atoi(&buf[i+1]);
data/k2pdfopt-2.53+ds/willuslib/string.c:364:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line1[80];
data/k2pdfopt-2.53+ds/willuslib/string.c:365:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linen[80];
data/k2pdfopt-2.53+ds/willuslib/string.c:366:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[120];
data/k2pdfopt-2.53+ds/willuslib/string.c:367:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char next[100];
data/k2pdfopt-2.53+ds/willuslib/string.c:411:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16];
data/k2pdfopt-2.53+ds/willuslib/string.c:412:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt,"%%%d.%df",signspace?ndigits+3:ndigits+2,ndigits);
data/k2pdfopt-2.53+ds/willuslib/string.c:449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[80];
data/k2pdfopt-2.53+ds/willuslib/string.c:482:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[256];
data/k2pdfopt-2.53+ds/willuslib/string.c:483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t2[100];
data/k2pdfopt-2.53+ds/willuslib/string.c:484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[10];
data/k2pdfopt-2.53+ds/willuslib/string.c:506:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%03d");
data/k2pdfopt-2.53+ds/willuslib/string.c:508:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fmt,"%d");
data/k2pdfopt-2.53+ds/willuslib/string.c:515:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t2,"%g",m);
data/k2pdfopt-2.53+ds/willuslib/string.c:698:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a[n++]=atoi(&buf[j]);
data/k2pdfopt-2.53+ds/willuslib/string.c:752:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nbuf[256];
data/k2pdfopt-2.53+ds/willuslib/string.c:801:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nbuf[256];
data/k2pdfopt-2.53+ds/willuslib/string.c:810:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a[n++]=atoi(p);
data/k2pdfopt-2.53+ds/willuslib/string.c:815:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i1=atoi(nbuf);
data/k2pdfopt-2.53+ds/willuslib/string.c:816:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i2=atoi(&nbuf[i+1]);
data/k2pdfopt-2.53+ds/willuslib/string.c:855:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char envvar[100];
data/k2pdfopt-2.53+ds/willuslib/string.c:903:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16];
data/k2pdfopt-2.53+ds/willuslib/string.c:914:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt,"%%%d.%de",maxlen,decimals);
data/k2pdfopt-2.53+ds/willuslib/string.c:923:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt,"%%%d.%de",maxlen,decimals);
data/k2pdfopt-2.53+ds/willuslib/string.c:950:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/willuslib/string.c:951:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time[64];
data/k2pdfopt-2.53+ds/willuslib/string.c:1029:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/willuslib/string.c:1030:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[3][32];
data/k2pdfopt-2.53+ds/willuslib/string.c:1051:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num[i]=atoi(tok[i]);
data/k2pdfopt-2.53+ds/willuslib/string.c:1209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/k2pdfopt-2.53+ds/willuslib/string.c:1245:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/k2pdfopt-2.53+ds/willuslib/string.c:1246:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf2[1024];
data/k2pdfopt-2.53+ds/willuslib/string.c:1247:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char emptystr[16];
data/k2pdfopt-2.53+ds/willuslib/token.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char allowed_white[64];
data/k2pdfopt-2.53+ds/willuslib/token.c:195:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(allowed_white," \n\f\t,=\x1a");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:237:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b,a,elsize);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:356:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char envvalue[1024];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:522:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn2[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:721:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:990:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1001:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fs[100];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1002:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volname[200];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1005:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1026:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(volname,"unknown");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1027:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fs,"unknown");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1033:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sn,"%d",(int)serno);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1050:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1072:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1073:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmd[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1215:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rmdirlog=fopen("/rmdir.log","a");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1274:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1275:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1275:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
char tmpfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1276:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1279:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_abstmpnam(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1280:50: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
sprintf(cmd,"which \"%s\" > \"%s\"",filename,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1282:24: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
f=wfile_fopen_utf8(tmpfile,"r");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1291:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_remove_utf8(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1293:49: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
sprintf(cmd,"file \"%s\" > \"%s\"",fullname,tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1295:24: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
f=wfile_fopen_utf8(tmpfile,"r");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1304:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
wfile_remove_utf8(tmpfile);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[384];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newpath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1525:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bn1[MAXFILENAMELEN],bn2[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1648:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(basename,"../");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1651:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(basename,"../");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1653:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(basename,"../");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1742:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ziptempdir[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1746:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1747:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[384];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1773:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nullfile[32];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1776:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nullfile,"nul");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1778:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nullfile,"/dev/null");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1858:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1859:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cwd[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1970:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tpath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2006:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dir,"/tmp");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2022:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2023:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myprefix[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2024:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mydir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2030:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(myprefix,"tmp");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2055:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(myprefix,"XXXXXX");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2064:8: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd=mkstemp(tname);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2093:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2135:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[MAXFILENAMELEN],hushfile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2182:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[514];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2286:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2328:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2329:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2330:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char theader[1024];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2494:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2666:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linkval[1024];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2823:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filespec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2861:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2870:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mypath[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relpath[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempdir[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wild[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curdir[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temploc[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newloc[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char folder[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dletter[32];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3240:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basespec[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3274:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(folder,"%c:",dletter[i]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wildspec[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3322:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basespec[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3323:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locfullname[512];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3406:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return(fopen(filename,mode));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3413:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return(fopen(filename,mode));
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[256];
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3500:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"r");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3504:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(tempname,"w");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3514:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(tempname,"rb");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:58:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char willusgs_name[512];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argdata[NARGSMAX][48];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[NARGSMAX];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[256];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argtemp[280];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcfile[256];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-q");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-P-");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:131:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dSAFER");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:132:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dBATCH");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dNOPAUSE");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-sDEVICE=png16m");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:141:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dDEVICEWIDTHPOINTS=%d",willusgs_device_width_pts);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:143:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dDEVICEHEIGHTPOINTS=%d",willusgs_device_height_pts);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:144:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dGraphicsAlphaBits=4");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dTextAlphaBits=4");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:146:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-r%g",dpi);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:147:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dFirstPage=%d",pageno<=0?1:pageno);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:148:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dLastPage=%d",pageno<=0?1:pageno);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argdata[16][32];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[16];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argtemp[280];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argsrc[280];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-q");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:189:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-P-");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dSAFER");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:191:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dBATCH");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:192:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dNOPAUSE");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:193:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-sDEVICE=pdfwrite");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:195:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dDEVICEWIDTHPOINTS=%d",willusgs_device_width_pts);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:197:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(argv[i++],"-dDEVICEHEIGHTPOINTS=%d",willusgs_device_height_pts);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(argv[i++],"-dPDFSETTINGS=/prepress");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:257:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basepath[511];
data/k2pdfopt-2.53+ds/willuslib/wgs.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[1024];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[64];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdopts[512];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[512];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:227:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd,"cmd");
data/k2pdfopt-2.53+ds/willuslib/wgui.c:233:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pwd,"C:\\");
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2683:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2834:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%04d,%04d %04d x %04d (%05.2fin,%05.2fin %05.2fin x %05.2fin)",
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2846:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%04d,%04d %04d x %04d",
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2855:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2864:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%04d x %04d (%05.2f in x %05.2f in)",
data/k2pdfopt-2.53+ds/willuslib/wgui.c:2868:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%04d x %04d",(int)p.x,(int)p.y);
data/k2pdfopt-2.53+ds/willuslib/willus.h:739:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:740:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:741:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:747:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unixspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:748:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ds[DIR_STRUCT_SIZE];
data/k2pdfopt-2.53+ds/willuslib/willus.h:762:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:763:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initpath[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:767:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initspec[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/willus.h:1123:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char os[32],chip[32],compiler[32]; \
data/k2pdfopt-2.53+ds/willuslib/willus.h:1165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdarg[1024];
data/k2pdfopt-2.53+ds/willuslib/willus.h:1186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAXFILENAMELEN]; /* Base directory, doesn't end in a slash */
data/k2pdfopt-2.53+ds/willuslib/willus.h:1495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langname[48];
data/k2pdfopt-2.53+ds/willuslib/willus.h:1496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langurl[256];
data/k2pdfopt-2.53+ds/willuslib/willus.h:1595:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[512];
data/k2pdfopt-2.53+ds/willuslib/willus.h:1667:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char producer[128]; /* Producer */
data/k2pdfopt-2.53+ds/willuslib/willus.h:1668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char author[256]; /* Author */
data/k2pdfopt-2.53+ds/willuslib/willus.h:1669:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[256]; /* Title */
data/k2pdfopt-2.53+ds/willuslib/willus.h:1836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; /* (Unique) name of control--drawn on button if button */
data/k2pdfopt-2.53+ds/willuslib/willus.h:1846:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[48]; /* Drawn with or next to control */
data/k2pdfopt-2.53+ds/willuslib/win.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:104:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:119:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errbuf[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[128];
data/k2pdfopt-2.53+ds/willuslib/win.c:224:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdline[500];
data/k2pdfopt-2.53+ds/willuslib/win.c:289:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdline[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:290:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:339:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdline[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:340:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:392:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdline[500];
data/k2pdfopt-2.53+ds/willuslib/win.c:1273:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16384];
data/k2pdfopt-2.53+ds/willuslib/win.c:1411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[16];
data/k2pdfopt-2.53+ds/willuslib/win.c:1412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volname[64];
data/k2pdfopt-2.53+ds/willuslib/win.c:1413:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filesys[64];
data/k2pdfopt-2.53+ds/willuslib/win.c:1417:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drive,"%c:\\",filename[0]);
data/k2pdfopt-2.53+ds/willuslib/win.c:1422:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drive,"%c:\\",p[0]);
data/k2pdfopt-2.53+ds/willuslib/win.c:1569:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[4096];
data/k2pdfopt-2.53+ds/willuslib/win.c:1570:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[1024];
data/k2pdfopt-2.53+ds/willuslib/win.c:1571:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[1024];
data/k2pdfopt-2.53+ds/willuslib/win.c:1572:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tfile[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:1609:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char basename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:1610:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[4096];
data/k2pdfopt-2.53+ds/willuslib/win.c:1611:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dir[4096];
data/k2pdfopt-2.53+ds/willuslib/win.c:1612:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file[4096];
data/k2pdfopt-2.53+ds/willuslib/win.c:1863:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char winname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:1911:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/win.c:1922:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char findtitle[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:1981:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2005:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char windir[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2038:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[128];
data/k2pdfopt-2.53+ds/willuslib/win.c:2061:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2062:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valuename[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/k2pdfopt-2.53+ds/willuslib/win.c:2119:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valuename[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[128];
data/k2pdfopt-2.53+ds/willuslib/win.c:2189:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valuename[512],buf[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2212:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valuename[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2213:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newkeyname[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2322:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/k2pdfopt-2.53+ds/willuslib/win.c:2343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ReparseTarget[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
data/k2pdfopt-2.53+ds/willuslib/win.c:2405:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absname[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2406:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/k2pdfopt-2.53+ds/willuslib/win.c:2586:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2587:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exename[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2588:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2589:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfolder[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2590:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exefolder[512];
data/k2pdfopt-2.53+ds/willuslib/win.c:2591:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newexe[512];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:416:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _bmih[sizeof(BITMAPINFOHEADER)+256*sizeof(RGBQUAD)];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:506:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _bmih[sizeof(BITMAPINFOHEADER)+256*sizeof(RGBQUAD)];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:618:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[512];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:619:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[256];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:620:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appname[256];
data/k2pdfopt-2.53+ds/willuslib/winbmp.c:718:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _bmih[sizeof(BITMAPINFOHEADER)+256*sizeof(RGBQUAD)];
data/k2pdfopt-2.53+ds/willuslib/wininet.c:143:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char url[MAXFILENAMELEN],host[MAXFILENAMELEN],filename[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wininet.c:147:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[4096];
data/k2pdfopt-2.53+ds/willuslib/wininet.c:176:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out=fopen(filename,"wb");
data/k2pdfopt-2.53+ds/willuslib/wininet.c:202:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char host[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wininet.c:213:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port=atoi(&host[i+1]);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:335:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpbuf[512];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[256];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b2[256];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b3[256];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuflabel[64];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passlabel[64];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[1024];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[32];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:74:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char xmagplus[2903] = {
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:209:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xmagminus[2855] = {
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:343:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xfitpage[1096] = {
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:639:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wmb->inbuflabel,"User name: ");
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:643:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wmb->passlabel,"Password: ");
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:644:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wmb->b1,"*&Login");
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:645:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wmb->b2,"&Cancel");
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:1219:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t2[256];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:1220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tu[4];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:1260:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char checkmark[2279] = {
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:1540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t2[256];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:1541:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tu[4];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2042:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2135:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char winmbox_fontname[64];
data/k2pdfopt-2.53+ds/willuslib/winshell.c:88:8: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP,0,shortcut,-1, widestr,511);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[512];
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[512];
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdargs[512];
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:96:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pwd,"C:\\");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moddate[64];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:427:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:678:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf," cm");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:685:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf," W n");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[8];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:828:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)]," %d",neg && ix>0 ? -ix : ix);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:831:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt," %%.%df",j);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:950:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[512];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1049:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char whitespace[2];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1074:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1076:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Xfk2p%d",pageno);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1342:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,newdst,sizeof(double)*9);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1737:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x->srcpage=atoi(&fzoutline->uri[1])-1;
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1738:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(fzoutline->uri)>0)
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1739:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x->srcpage=atoi(fzoutline->uri)-1;
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1906:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pdffile[512];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:263:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:265:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1,"PAGE SIZE: %.2f x %.2f in\n",
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label2[32];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label3[32];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:310:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newdate[128];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizecommas[32];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:331:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"rb");
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:345:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src[16];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:352:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
num_len = sprintf(src, "%d", num);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:408:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(glo->dim[glo->dims - 1].u.dim.bbox, &bbox, sizeof (fz_rect));
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:853:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[64];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:855:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1,"%.2f x %.2f",
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1251:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *mname[12]={"Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"};
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src1[32];
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1261:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
year=atoi(&src1[i-4]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1265:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
month=atoi(&src1[i-2]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1269:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
date=atoi(&src1[i-2]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1273:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hour=atoi(&src1[i-2]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1277:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
minute=atoi(&src1[i-2]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1281:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
second=atoi(&src1[i-2]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1284:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dst," GMT");
data/k2pdfopt-2.53+ds/willuslib/wpdf.c:851:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8str[8];
data/k2pdfopt-2.53+ds/willuslib/wpdf.c:910:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f=fopen(filename,"w");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compiler_version[80],compname[100];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:153:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%d.%d",((__DMC__ &0xf00)>>8),((__DMC__ &0xf0)>>4));
data/k2pdfopt-2.53+ds/willuslib/wsys.c:156:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(compiler_version,"3.7");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:159:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%d.%d.%d",
data/k2pdfopt-2.53+ds/willuslib/wsys.c:165:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"%.2f",(double)__WATCOMC__/100.);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:185:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%4.2f",__ICL/100.);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:188:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%4.2f",_MSC_VER/100.-6.0);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:200:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%4.2f",__INTEL_COMPILER/100.);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%d.%d.%d",__GNUC__,__GNUC_MINOR__,__GNUC_PATCHLEVEL__);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:225:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(compiler_version,"v%d.%d.x",__GNUC__,__GNUC_MINOR__);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:356:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s," 1> nul 2> nul");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:358:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s," > /dev/null");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:415:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:471:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:485:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%c%02d'%02d",c,hr%24,min);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:498:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char orglocale[64];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:541:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%5.2f",x);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:544:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,"12.34");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:625:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:626:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valuename[256];
data/k2pdfopt-2.53+ds/willuslib/wsys.c:665:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return(open(filename,O_CREAT|O_EXCL,0644));
data/k2pdfopt-2.53+ds/willuslib/wsys.c:730:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(syscmd," 1> \"");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:736:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(syscmd," 2> \"");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char wzbuffer[4096];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:71:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subarch[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:84:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname2[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:85:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:99:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pathname,"\\\\");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newarch[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archname_full[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempdir[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basefile[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[MAXFILENAMELEN+128];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:331:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dst,".gz");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:368:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:395:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newname[MAXFILENAMELEN];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:397:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode2[16];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:398:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modestd[16];
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:681:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b,a,elsize);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:225:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filename,srcfilename_passed,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:271:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(original_file,filename,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:350:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc((double **)&k2listproc->outname,(long)(strlen(k2fileproc->outname)+1),funcname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:483:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(srcfilename,filename,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:630:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(srcfilename)+6;i>0;i--)
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1448:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],"%s",basespec);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1450:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],"%s",basebasespec);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1452:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],"%s",basepath);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1457:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],xfmt,filecount);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1459:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],xfmt,pagecount);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1461:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j=strlen(dst);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1469:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst,".");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1698:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oline->title=malloc(strlen(buf)+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1825:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(srcfilename,filename,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:1845:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(srcfilename,filename,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2115:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(covfile,k2settings->dst_coverimage,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2125:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(covfile,filename,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2file.c:2341:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc((double **)&k2fileproc->outname,(long)(strlen(dstfile)+1),funcname);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2files.c:68:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&k2files->file[k2files->n],strlen(filename)+1,funcname,10);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1028:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cbindex=atoi(&control->name[strlen(control->name)-1])-1;
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1071:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[0]!='\0' && buf[strlen(buf)-1]=='%')
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1073:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]='\0';
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1831:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf,strlen(buf),
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:1889:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf,strlen(buf),
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2254:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p=&filename[strlen(filename)+1];p[0]!='\0';p=&p[strlen(p)+1])
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2254:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p=&filename[strlen(filename)+1];p[0]!='\0';p=&p[strlen(p)+1])
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:2844:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(control->label,"");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3905:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf,"x");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:3911:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf,"x");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4849:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(buf);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4858:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(&contextmenu_help[i+2][strlen(contextmenu_help[i+2])-7]," units."))
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4863:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&buf2,strlen(contextmenu_help[i+2])+strlen(unithelp)+4,funcname,10);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4863:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&buf2,strlen(contextmenu_help[i+2])+strlen(unithelp)+4,funcname,10);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui.c:4897:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&buf[i+1],&buf[i],strlen(buf)-i+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:190:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
needed=i+strlen(s)+2;
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:202:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d[i+strlen(s)+1]='\0';
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:225:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j += strlen(&list[j])+1;
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:240:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=j=0;list[j]!='\0';i++,j+=strlen(&list[j])+1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:577:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(f1,folder_name(file1),511);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:579:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(f2,folder_name(file2),511);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:645:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,message,255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:652:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," There w%s %d error%s--see log above.",
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:716:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2gui_cbox->filename,k2gui_short_name(name),255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_cbox.c:759:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&buf,strlen(prbuf)*2,funcname,10);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:304:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2gui_overlay->filename,k2gui_short_name(filename),255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:586:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2gui_overlay->filename,k2gui_short_name(name),255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2gui_overlay.c:629:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&buf,strlen(prbuf)*2,funcname,10);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2master.c:2766:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdffile,masterinfo->srcfilename,511);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:218:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf2,buf,505);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:717:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2settings->dst_ocr_lang,base,63);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2menu.c:1030:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*column) += strlen(&s[i0])+1;
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:95:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(initstr,"\n");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:106:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(initstr,"\n");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:294:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"\n");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2ocr.c:850:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdffile,masterinfo->srcfilename,511);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:61:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cl->cmdarg[strlen(cl->cmdarg)-1]=='-') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:63:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (cl->cmdarg[strlen(cl->cmdarg)-1]=='+') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:75:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cl->cmdarg[strlen(cl->cmdarg)-1]=='-') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:77:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (cl->cmdarg[strlen(cl->cmdarg)-1]=='+') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:88:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cl->cmdarg[strlen(cl->cmdarg)-1]=='-') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:98:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k2settings->y=(cl->cmdarg[strlen(cl->cmdarg)-1]=='-' ? 0 : 1); \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:106:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2settings->y,cl->cmdarg,maxlen); \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:122:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,cl->cmdarg,63);\
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:124:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)>1 && buf[strlen(buf)-1]=='+') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:124:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)>1 && buf[strlen(buf)-1]=='+') \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:126:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]='\0'; \
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:254:21: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(k2settings->show_usage,"*");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:259:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2settings->show_usage,cl->cmdarg,31);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:285:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2settings->dst_landscape_pages,&cl->cmdarg[ipl],1023);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:637:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,cl->cmdarg,127);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:735:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(k2settings->dst_ocr_lang,cl->cmdarg,63);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1272:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,&cl->cmdarg[5],255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1341:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,&cl->cmdarg[3],255);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1579:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,cl->cmdarg,63);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2parsecmd.c:1610:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,cl->cmdarg,63);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings.c:412:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,".");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:134:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenc=cmdline->s==NULL ? 0 : strlen(cmdline->s);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:135:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens=shortest->s==NULL ? 0 : strlen(shortest->s);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:142:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
leng=nongui->s==NULL ? 0 : strlen(nongui->s);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2settings2cmd.c:143:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lensg=shortestng->s==NULL ? 0 : strlen(shortestng->s);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:124:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&cap[strlen(cap)],"%sDjVuLibre",cap[0]=='\0'?" (w/":",");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:127:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&cap[strlen(cap)],"%sOCR",cap[0]=='\0'?" (w/":",");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:132:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cap,")");
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:138:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&date[strlen(date)-4],
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:147:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&date[strlen(date)-4],
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:204:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,def,maxlen-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2sys.c:211:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,def,maxlen-1);
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1125:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j=strlen(d),i=0;s[i]!='\0';i++)
data/k2pdfopt-2.53+ds/k2pdfoptlib/k2usage.c:1241:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,usage,i);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:200:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(val1);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:201:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len2 = strlen(val2);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:227:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(str);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:228:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(end);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:563:4: [1] (buffer) lstrcpyn:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
lstrcpyn(lpFileName, FileData.cFileName, szPath + MAX_PATH - lpFileName);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:570:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileExt = szPathUtf8 + strlen(szPathUtf8) - 4;
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:622:3: [1] (buffer) lstrcpyn:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
lstrcpyn(lpFileName, L"DroidSansFallback.ttf", szFile + MAX_PATH - lpFileName);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:701:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontname = fz_realloc_array(ctx, fontname, strlen(fontname) + 2, char);
data/k2pdfopt-2.53+ds/mupdf_mod/font-win32.c:702:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comma = fontname + strlen(fontname) - styleLen;
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1622:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pdf_dict_put_string(ctx, annot->obj, PDF_NAME(M), s, strlen(s));
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-annot.c:1728:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pdf_dict_put_string(ctx, annot->obj, PDF_NAME(DA), buf, strlen(buf));
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:350:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *new_uri = Memento_label(fz_malloc(ctx, strlen(uri_base) + strlen(uri) + 1), "link_action");
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-link.c:350:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *new_uri = Memento_label(fz_malloc(ctx, strlen(uri_base) + strlen(uri) + 1), "link_action");
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:609:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) < 5 || memcmp(buf, "%PDF-", 5) != 0)
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:732:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fz_seek(ctx, doc->file, -(2 + (int)strlen(s)), SEEK_CUR);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:877:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fz_seek(ctx, file, -(2 + (int)strlen(s)), SEEK_CUR);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:3505:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(name)+1;
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:3507:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 1 + strlen(name_prefix);
data/k2pdfopt-2.53+ds/mupdf_mod/pdf-xref.c:3512:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(field_name, ".");
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:105:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return dlen + strlen(s);
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:131:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(dir);
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:231:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = p = fmt + strlen(fmt);
data/k2pdfopt-2.53+ds/mupdf_mod/string.c:239:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (n + i + strlen(p) >= size)
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:143:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:168:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1363:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(result, text.string(), text.length() + 1);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1546:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_length += strlen(result + output_length);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1579:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totlen+=strlen(textstr.string())+1;
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:1604:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
it8 += strlen(&tutf8[it8])+1;
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:2565:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (len == -1 ? strlen(repr) : len);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:2567:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(unicode_repr, repr, length);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:2615:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(len);
data/k2pdfopt-2.53+ds/tesseract_mod/baseapi.cpp:2672:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, tc->unicode_repr, tc->length);
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:177:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(tesseract::TFile* f,
data/k2pdfopt-2.53+ds/tesseract_mod/genericvector.h:963:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool GenericVector<T>::read(
data/k2pdfopt-2.53+ds/tesseract_mod/serialis.cpp:206:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tfile_filename,filename.string(),511);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:107:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(original_locale,setlocale(LC_ALL,NULL),255);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:209:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&istr[strlen(istr)]," [%s",simdtype[i]);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:211:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&istr[strlen(istr)],"+%s",simdtype[i]);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:215:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&istr[strlen(istr)],"]");
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:215:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&istr[strlen(istr)],"]");
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:216:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&istr[strlen(istr)],"\n Tesseract data folder = '%s'",datapath==NULL?getenv("TESSDATA_PREFIX"):datapath);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:235:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&istr[strlen(istr)],"%s%s [%s]",i==0?"":", ",lang1->lang.string(),
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:256:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(initstr,istr,maxlen-1);
data/k2pdfopt-2.53+ds/tesseract_mod/tesscapi.cpp:298:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(outstr,api->GetUTF8Text(),maxlen-1);
data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp:119:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fp.tfile_filename,tessdata_path.string(),511);
data/k2pdfopt-2.53+ds/tesseract_mod/tessedit.cpp:270:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int end = strlen(start);
data/k2pdfopt-2.53+ds/tesseract_mod/tprintf.cpp:41:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (filename==NULL || strlen(filename)==0)
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:67:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->unichar, uch, sizeof(this->unichar));
data/k2pdfopt-2.53+ds/tesseract_mod/unicharset.h:249:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return CleanupString(utf8_str, strlen(utf8_str));
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1789:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bpp=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1829:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(src)-1;i>=0 && src[i]!='.';i--);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1830:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest,&src[i+1],15);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1944:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dpm1=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:1945:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dpm2=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:2068:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dpm1=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:2069:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dpm2=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3872:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c=fgetc(f))==EOF)
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3891:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c=fgetc(f))!=EOF)
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3934:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(buf)+3;
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3947:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b1=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmp.c:3950:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b2=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:299:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen=strlen(miniexp_to_str(p));
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:375:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],"Page %3d of %3d: ",pageno+1,npages);
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:379:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],"No info available.\r\n");
data/k2pdfopt-2.53+ds/willuslib/bmpdjvu.c:385:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],"%.2f x %.2f in, %d dpi\r\n",width_in,height_in,dpi);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:241:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],"Page %3d of %3d: ",pageno,npages);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:251:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],"%.2f x %.2f in,",(double)image->w/xres,(double)image->h/yres);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:253:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," %d dpi\r\n",xres);
data/k2pdfopt-2.53+ds/willuslib/bmpmupdf.c:255:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," %d x %d dpi\r\n",xres,yres);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:832:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(s)-1;i>=0 && s[i]!='/' && s[i]!='\\' && s[i]!=':';i--);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:843:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(s)-1;i>=0 && s[i]!='.';i--);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:982:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l=strlen(dir);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1569:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(pattern);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1698:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-2]='\0';
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1777:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&entry.attr,&filename[strlen(filename)],dirstoo))
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1914:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)!=10 || tbuf[4]!='-' || tbuf[7]!='-')
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1924:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)!=8 || tbuf[2]!=':' || tbuf[5]!=':')
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1934:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(&buf[i])<=0)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1966:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<6 || strlen(tbuf)>10)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1966:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<6 || strlen(tbuf)>10)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1973:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<3 || in_string(tbuf,":")<0)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:1975:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dbuf," ");
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2007:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(&buf[i])<=0)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2042:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<6 || strlen(tbuf)>10)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2042:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<6 || strlen(tbuf)>10)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2049:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuf)<3 || in_string(tbuf,":")<0)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2051:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dbuf," ");
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2064:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(&buf[i])<=0)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2069:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wfile_eitherslash(filename[strlen(filename)-1]))
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2104:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(entry->name);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2234:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(fl->entry[index].name);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2260:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen=strlen(newname);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2262:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oldlen=strlen(p);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2474:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&s[i+1],&s[i+4],strlen(s)-i-2);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2507:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&s[i+1],&s[i+2],strlen(s)-i);
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2633:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (namebuf!=NULL && strlen(namebuf)>index)
data/k2pdfopt-2.53+ds/willuslib/filelist.c:2637:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen=strlen(buf);
data/k2pdfopt-2.53+ds/willuslib/fontrender.c:229:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&rchar,sizeof(RCHAR)*strlen(string),
data/k2pdfopt-2.53+ds/willuslib/fontrender.c:499:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s);
data/k2pdfopt-2.53+ds/willuslib/linux.c:66:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (basename[0]=='\"' && basename[strlen(basename)-1]=='\"')
data/k2pdfopt-2.53+ds/willuslib/linux.c:68:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
basename[strlen(basename)-1]='\0';
data/k2pdfopt-2.53+ds/willuslib/linux.c:69:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&basename[1],basename,strlen(basename));
data/k2pdfopt-2.53+ds/willuslib/linux.c:173:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dir[0]=='\"' && dir[strlen(dir)-1]=='\"')
data/k2pdfopt-2.53+ds/willuslib/linux.c:175:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(dir,&dir[1],strlen(dir));
data/k2pdfopt-2.53+ds/willuslib/linux.c:176:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir[strlen(dir)-1]='\0';
data/k2pdfopt-2.53+ds/willuslib/linux.c:179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(dir)>0);
data/k2pdfopt-2.53+ds/willuslib/mem.c:161:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[n],name,31);
data/k2pdfopt-2.53+ds/willuslib/mem.c:170:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[i],name,31);
data/k2pdfopt-2.53+ds/willuslib/mem.c:221:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(name,okay[i],strlen(okay[i])))
data/k2pdfopt-2.53+ds/willuslib/mem.c:330:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[n],name,31);
data/k2pdfopt-2.53+ds/willuslib/mem.c:341:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[i],name,31);
data/k2pdfopt-2.53+ds/willuslib/mem.c:423:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[n],name,31);
data/k2pdfopt-2.53+ds/willuslib/mem.c:435:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname[i],name,31);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:287:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (words->word[i].text==NULL || strlen(words->word[i].text)==0)
data/k2pdfopt-2.53+ds/willuslib/ocr.c:459:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&dst->text,strlen(src->text)+1,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/ocr.c:865:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&s[2],&s[1],strlen(s)-1);
data/k2pdfopt-2.53+ds/willuslib/ocrgocr.c:48:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text,ocrwords->word[0].text,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/ocrgocr.c:114:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&buf2,2*(strlen(buf)+1),funcname,10);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:290:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(lang);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:331:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(url);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:354:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tesspath,tesspath0,maxtesspathlen-1);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:361:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(langdef,lang,15);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:391:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tesspath0,datadir,MAXFILENAMELEN-1);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:396:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tesspath,tesspath0,maxtesspathlen-1);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:440:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(header)+strlen(tessdebug) < maxdebug)
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:440:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(header)+strlen(tessdebug) < maxdebug)
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:441:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&tessdebug[strlen(tessdebug)],"%s",header);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:455:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(name)>32 ? strlen(name) : 32;
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:455:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(name)>32 ? strlen(name) : 32;
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:458:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tessdebug)+len1+46 < maxdebug)
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:466:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(name);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:478:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tessdebug," ");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:479:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&tessdebug[strlen(tessdebug)],fmt,fl->entry[j].size/1024./1024.,
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:486:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tessdebug,"\n");
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:506:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(datapath,suggested,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:563:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(keyword);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:591:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(keyword);
data/k2pdfopt-2.53+ds/willuslib/ocrtess.c:825:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
it+=strlen(&text[it])+1;
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:353:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pdf->filename,filename,511);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:537:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&de,strlen(s)+2,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:538:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
docenc=wpdf_docenc_from_utf8((char *)de,s,strlen(s)+1);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:553:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s)+2;
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1226:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
np=atoi(&buf[ip+strlen(kwords[i])]);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1312:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c=fgetc(f))!=EOF)
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1497:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(word->text)+2;
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1686:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(word[i].text)+nspaces[i];
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1702:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(sentence->text);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1736:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(sentence->text);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:1785:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(word->text)+2;
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2018:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(s)+2;
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2109:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&oline->title,strlen(&buf[j])+1,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/pdfwrite.c:2338:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(src_utf8)+2;
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:80:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s)-1;
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:115:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(sbuf->s==NULL?0:strlen(sbuf->s));
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:124:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:124:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:135:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:135:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:137:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbuf->s," ");
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:149:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+4);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:149:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+4);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:151:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbuf->s," ");
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:154:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbuf->s,"\"");
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:157:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbuf->s,"\"");
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:167:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+1);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:167:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(s)+1);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:169:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sbuf->s," ");
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:170:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy_no_spaces(&sbuf->s[strlen(sbuf->s)],s);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:180:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,strlen(s)+1);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:276:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:276:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:302:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:302:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf,(sbuf->s==NULL?0:strlen(sbuf->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:307:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf2,(sbuf2->s==NULL?0:strlen(sbuf2->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/strbuf.c:307:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strbuf_ensure(sbuf2,(sbuf2->s==NULL?0:strlen(sbuf2->s))+strlen(buf)+2);
data/k2pdfopt-2.53+ds/willuslib/string.c:179:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lp=strlen(pattern)-1;
data/k2pdfopt-2.53+ds/willuslib/string.c:371:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0;i<strlen(line1);i++)
data/k2pdfopt-2.53+ds/willuslib/string.c:388:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(next)+strlen(buf)>78)
data/k2pdfopt-2.53+ds/willuslib/string.c:388:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(next)+strlen(buf)>78)
data/k2pdfopt-2.53+ds/willuslib/string.c:472:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf,"-");
data/k2pdfopt-2.53+ds/willuslib/string.c:520:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tbuf,",");
data/k2pdfopt-2.53+ds/willuslib/string.c:527:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tbuf,"-");
data/k2pdfopt-2.53+ds/willuslib/string.c:657:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&p,strlen(s)+1,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/string.c:785:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s);
data/k2pdfopt-2.53+ds/willuslib/string.c:871:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j=strlen(dest);
data/k2pdfopt-2.53+ds/willuslib/string.c:891:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s);
data/k2pdfopt-2.53+ds/willuslib/string.c:963:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,datetime,63);
data/k2pdfopt-2.53+ds/willuslib/string.c:979:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&buf[p],&buf[p+1],strlen(buf)-p);
data/k2pdfopt-2.53+ds/willuslib/string.c:995:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&buf[i0-1],&buf[i],strlen(buf)-i+1);
data/k2pdfopt-2.53+ds/willuslib/string.c:1035:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,datestr,31);
data/k2pdfopt-2.53+ds/willuslib/string.c:1216:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,time,31);
data/k2pdfopt-2.53+ds/willuslib/string.c:1255:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(buf);
data/k2pdfopt-2.53+ds/willuslib/string.c:1259:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(buf)+1;
data/k2pdfopt-2.53+ds/willuslib/string.c:1387:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&x,sizeof(short)*(strlen(s)+1),funcname,10);
data/k2pdfopt-2.53+ds/willuslib/string.c:1775:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d,s,nmax);
data/k2pdfopt-2.53+ds/willuslib/string.c:1785:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(d);
data/k2pdfopt-2.53+ds/willuslib/token.c:67:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cl->cmdarg,cl->argv[cl->i],1023);
data/k2pdfopt-2.53+ds/willuslib/token.c:201:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF;c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:201:30: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF;c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:224:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF && c!=';' && !token_space(c);c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:224:63: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF && c!=';' && !token_space(c);c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:237:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF && c!=qc && c!='\n';c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:237:58: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);c!=EOF && c!=qc && c!='\n';c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:241:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/token.c:266:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d1=tolower(fgetc(f));
data/k2pdfopt-2.53+ds/willuslib/token.c:267:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d2=tolower(fgetc(f));
data/k2pdfopt-2.53+ds/willuslib/token.c:295:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/token.c:300:28: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);1;c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:300:41: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (c=fgetc(f);1;c=fgetc(f))
data/k2pdfopt-2.53+ds/willuslib/token.c:313:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/token.c:338:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c=fgetc(f))!=EOF && c!='\n');
data/k2pdfopt-2.53+ds/willuslib/wfile.c:273:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:299:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(dst)-1;i>=0 && dst[i]!='.' && dst[i]!=':' && dst[i]!='/'
data/k2pdfopt-2.53+ds/willuslib/wfile.c:304:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(&dst[strlen(dst)]);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:319:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(dst)-1;i>=0 && dst[i]!='.' && dst[i]!=':' && dst[i]!='/'
data/k2pdfopt-2.53+ds/willuslib/wfile.c:330:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)],".%s",ext[0]=='.' ? &ext[1] : ext);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:345:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(dst)-1;i>=0 && dst[i]!='.' && dst[i]!=':' && dst[i]!='/'
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1016:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol,drive,254);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1018:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vol)>0 && vol[strlen(vol)-1]!='\\')
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1018:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vol)>0 && vol[strlen(vol)-1]!='\\')
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1019:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(vol,"\\");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1061:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol,volume,254);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1063:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vol)>0 && vol[strlen(vol)-1]!='\\')
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1063:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vol)>0 && vol[strlen(vol)-1]!='\\')
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1064:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(vol,"\\");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1422:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(path);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1668:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1800:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(dst)-1;i>=0 && !wfile_eitherslash(dst[i]);i--);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1812:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(s)-1;i>=0 && !wfile_eitherslash(s[i]);i--);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1833:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(dst);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1846:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!wfile_eitherslash(dst[strlen(dst)-1]))
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1866:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (strlen(basename)>3 && basename[1]==':' &&
data/k2pdfopt-2.53+ds/willuslib/wfile.c:1894:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(dst);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2003:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir,".");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2037:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(mydir,".");
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2347:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
patlen=(pattern==NULL) ? 0 : strlen(pattern);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:2377:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c=fgetc(f))!=EOF)
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3066:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c=fgetc(f))!=EOF)
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3097:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=fgetc(f);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3216:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dletter,drives,31);
data/k2pdfopt-2.53+ds/willuslib/wfile.c:3221:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dletter,"c");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:385:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cmd,"\"");
data/k2pdfopt-2.53+ds/willuslib/wgs.c:389:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&cmd[strlen(cmd)],"\"%s\"",willusgs_name);
data/k2pdfopt-2.53+ds/willuslib/wgs.c:391:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&cmd[strlen(cmd)]," \"%s\"",argv[i]);
data/k2pdfopt-2.53+ds/willuslib/wgui.c:219:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/wgui.c:229:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pwd,wfile_get_wd(),511);
data/k2pdfopt-2.53+ds/willuslib/wgui.c:1748:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p=buf,fn=filename;1;p=&p[strlen(p)+1])
data/k2pdfopt-2.53+ds/willuslib/wgui.c:1756:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen(p)+1]='\0';
data/k2pdfopt-2.53+ds/willuslib/win.c:665:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size=strlen(lbuf);
data/k2pdfopt-2.53+ds/willuslib/win.c:1088:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nw->title,title,511);
data/k2pdfopt-2.53+ds/willuslib/win.c:1616:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (basename[0]=='\"' && basename[strlen(basename)-1]=='\"')
data/k2pdfopt-2.53+ds/willuslib/win.c:1618:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
basename[strlen(basename)-1]='\0';
data/k2pdfopt-2.53+ds/willuslib/win.c:1619:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(basename,&basename[1],strlen(basename));
data/k2pdfopt-2.53+ds/willuslib/win.c:1698:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dir[0]=='\"' && dir[strlen(dir)-1]=='\"')
data/k2pdfopt-2.53+ds/willuslib/win.c:1700:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(dir,&dir[1],strlen(dir));
data/k2pdfopt-2.53+ds/willuslib/win.c:1701:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir[strlen(dir)-1]='\0';
data/k2pdfopt-2.53+ds/willuslib/win.c:1704:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(dir)>0);
data/k2pdfopt-2.53+ds/willuslib/win.c:1714:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(filename)-4;
data/k2pdfopt-2.53+ds/willuslib/win.c:1722:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dest,".");
data/k2pdfopt-2.53+ds/willuslib/win.c:1871:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(winname,wname,255);
data/k2pdfopt-2.53+ds/willuslib/win.c:1900:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(winname,wname,255);
data/k2pdfopt-2.53+ds/willuslib/win.c:1935:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(findtitle,title,255);
data/k2pdfopt-2.53+ds/willuslib/win.c:2020:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(windir,p,255);
data/k2pdfopt-2.53+ds/willuslib/win.c:2072:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(desktop,buf,maxlen);
data/k2pdfopt-2.53+ds/willuslib/win.c:2129:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,buf,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/win.c:2153:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status=RegSetValueEx(newkey,"PATH",0,REG_SZ,(unsigned char *)path,strlen(path)+1);
data/k2pdfopt-2.53+ds/willuslib/win.c:2199:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value,buf,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/win.c:2400:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(target,&target[i+4],strlen(target)-(i+4)+1);
data/k2pdfopt-2.53+ds/willuslib/win.c:2411:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(target,absname,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/win.c:2476:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(TextOut((HDC)hdc,x,y,s,strlen(s)));
data/k2pdfopt-2.53+ds/willuslib/win.c:2493:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status=GetTextExtentPoint((HDC)hdc,s,strlen(s),&size);
data/k2pdfopt-2.53+ds/willuslib/win.c:2615:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(basename,"_");
data/k2pdfopt-2.53+ds/willuslib/win.c:2626:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdlen=strlen(newexe)+strlen(exename)+strlen(cmdline)+16;
data/k2pdfopt-2.53+ds/willuslib/win.c:2626:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdlen=strlen(newexe)+strlen(exename)+strlen(cmdline)+16;
data/k2pdfopt-2.53+ds/willuslib/win.c:2626:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdlen=strlen(newexe)+strlen(exename)+strlen(cmdline)+16;
data/k2pdfopt-2.53+ds/willuslib/win.c:2630:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," %s",cmdline);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:162:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(url,"/");
data/k2pdfopt-2.53+ds/willuslib/wininet.c:206:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(host,host0,255);
data/k2pdfopt-2.53+ds/willuslib/wininet.c:208:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(host)-1;i>=0;i--)
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:557:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wmb->b1,button1==NULL ? "" : button1,255);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:559:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wmb->b2,button2==NULL ? "" : button2,255);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:561:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wmb->b3,button3==NULL ? "" : button3,255);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:563:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wmb->msg,message==NULL ? "" : message,1023);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:647:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wmb->msg,message==NULL ? "" : message,1023);
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2086:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i0=0,i=i0+strlen(&s[i0]);i>=i0;i--)
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2090:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j=(i==i0)?i0+strlen(&s[i0]):i;
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2111:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=i0+strlen(&s[i0])+1;
data/k2pdfopt-2.53+ds/willuslib/winmbox.c:2140:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(winmbox_fontname,fontname,63);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:58:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ext[1],wfile_ext(filename),510);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:76:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:85:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&cmdargs[1],filename,509);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:88:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxsize=strlen(cmdargs);
data/k2pdfopt-2.53+ds/willuslib/winshellwapi.c:92:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pwd,wfile_get_wd(),511);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:154:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,pdf_to_str_buf(ctx,obj),maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:297:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value=pdf_new_string(ctx,string,strlen(string));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:672:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf,"q");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:689:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," /%s Do Q\n",xobject_name(box->srcbox.pageno));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:690:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bigbuf)+strlen(buf) > nbb)
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:690:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bigbuf)+strlen(buf) > nbb)
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:702:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"\n");
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:828:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)]," %d",neg && ix>0 ? -ix : ix);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:832:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],fmt,neg ? -x : x);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1116:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pdf_obj *key_str = pdf_new_string(ctx,pdf_to_name(ctx,key),strlen(pdf_to_name(ctx,key)));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1149:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=pdf_new_int(ctx,strlen(buf));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1154:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fzbuf=fz_new_buffer(ctx,strlen(buf));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1155:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fz_append_data(ctx,fzbuf,(unsigned char *)buf,strlen(buf));
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1726:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn(&p,strlen(fzoutline->title)+1,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/wmupdf.c:1873:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n=strlen(string)+2;
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:294:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenfn=strlen(fieldname);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:295:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(buf);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:937:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(cs + 6);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:956:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(altcs + 6);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1257:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(src1,src,31);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1286:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)]," GMT%s",&src[i]);
data/k2pdfopt-2.53+ds/willuslib/wmupdfinfo.c:1288:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dst[strlen(dst)]," %s",&src[i]);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:321:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(ms*1000);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:432:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst,src,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:434:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(dst));
data/k2pdfopt-2.53+ds/willuslib/wsys.c:516:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(orglocale,p==NULL?"":p,63);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:578:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&estr,strlen(varname)+strlen(value)+16,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:578:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&estr,strlen(varname)+strlen(value)+16,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:592:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status=RegSetValueEx(newkey,varname,0,REG_SZ,(unsigned char *)value,strlen(value)+1);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:636:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value,buf,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:653:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value,p,maxlen-1);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:704:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
willus_mem_alloc_warn((void **)&syscmd,strlen(cmd)
data/k2pdfopt-2.53+ds/willuslib/wsys.c:705:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+(stdoutfile==NULL?strlen(nullname):strlen(stdoutfile))
data/k2pdfopt-2.53+ds/willuslib/wsys.c:705:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+(stdoutfile==NULL?strlen(nullname):strlen(stdoutfile))
data/k2pdfopt-2.53+ds/willuslib/wsys.c:706:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+(stderrfile==NULL?strlen(nullname):strlen(stderrfile))+32,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:706:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+(stderrfile==NULL?strlen(nullname):strlen(stderrfile))+32,funcname,10);
data/k2pdfopt-2.53+ds/willuslib/wsys.c:732:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(syscmd,"\"");
data/k2pdfopt-2.53+ds/willuslib/wsys.c:738:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(syscmd,"\"");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:87:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(newname,&filename[strlen(subarch)+1]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:213:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1=strlen(fl->entry[i].name);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:234:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:285:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:288:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
el=strlen(compressed_exts[i]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:307:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(filename);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:312:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
el=strlen(uncompressed_exts[i]);
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:336:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst,".");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:356:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst,".");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:416:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(mode2,"b");
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:517:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return(fgetc((FILE *)wz->f));
data/k2pdfopt-2.53+ds/willuslib/wzfile.c:734:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(gzwrite((gzFile)wz->f,wzbuffer,strlen(wzbuffer)));
ANALYSIS SUMMARY:
Hits = 2050
Lines analyzed = 116798 in approximately 3.42 seconds (34192 lines/second)
Physical Source Lines of Code (SLOC) = 88022
Hits@level = [0] 921 [1] 433 [2] 1114 [3] 39 [4] 463 [5] 1
Hits@level+ = [0+] 2971 [1+] 2050 [2+] 1617 [3+] 503 [4+] 464 [5+] 1
Hits/KSLOC@level+ = [0+] 33.7529 [1+] 23.2896 [2+] 18.3704 [3+] 5.71448 [4+] 5.27141 [5+] 0.0113608
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.