Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIChannelScan.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIChannelScan.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIChannels.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIChannels.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIDemux.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIDemux.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIRecording.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIRecording.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSISession.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSISession.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/client.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/client.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/GUIShader.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/GUIShader.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Matrix.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Matrix.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/tools.cpp
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/tools.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/vnsicommand.h
Examining data/kodi-pvr-vdr-vnsi-3.6.4/src/xbmc_codec_descriptor.hpp
FINAL RESULTS:
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp:1026:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp:1029:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", i);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp:1050:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", i);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp:1493:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIAdmin.cpp:1494:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%04x", provider.m_caid);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:961:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vrp.add_U32(atoi(recinfo.strRecordingId));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:984:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vrp.add_U32(atoi(recinfo.strRecordingId));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1016:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vrp.add_U32(atoi(recinfo.strRecordingId));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1116:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vrp.add_U32(atoi(recinfo.strRecordingId));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIDemux.cpp:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&props->stream[i], &m_streams.stream[i], sizeof(PVR_STREAM_PROPERTIES::PVR_STREAM));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIRecording.cpp:54:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vrp.add_U32(atoi(recinfo.strRecordingId));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIRecording.cpp:122:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data, length);
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:75:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[0], &ul, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:77:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[4], &ul, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:79:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[8], &ul, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:81:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &ul, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:89:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + bufUsed, string, len);
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:94:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:106:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:114:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[bufUsed], &tmp, sizeof(int32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:127:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[bufUsed], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:132:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[bufUsed], &tmp, sizeof(uint64_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:145:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:153:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[bufUsed], &tmp, sizeof(int64_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:158:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[userDataLenPos], &tmp, sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:173:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBuf, buffer, bufUsed);
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:176:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ul, &userData[packetPos], sizeof(uint32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ull, &userData[packetPos], sizeof(uint64_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:198:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ull, &userData[packetPos], sizeof(uint64_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:201:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&d,&ull,sizeof(double));
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&l, &userData[packetPos], sizeof(int32_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/responsepacket.cpp:222:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ll, &userData[packetPos], sizeof(int64_t));
data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp:33:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp:144:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,"/resources/shaders/1.5/");
data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp:147:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,"/resources/shaders/1.2/");
data/kodi-pvr-vdr-vnsi-3.6.4/src/shaders/Shader.cpp:149:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,"/resources/shaders/1.2/");
data/kodi-pvr-vdr-vnsi-3.6.4/src/tools.cpp:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[8];
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:276:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strChannelName, strChannelName, sizeof(tag.strChannelName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:291:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strIconPath, path.c_str(), sizeof(tag.strIconPath) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:418:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strTitle, strTitle, sizeof(tag.strTitle) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:423:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strEpgSearchString, epgSearch, sizeof(tag.strEpgSearchString) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:481:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strTitle, strTitle, sizeof(tag.strTitle) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:488:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strEpgSearchString, epgSearch, sizeof(tag.strEpgSearchString) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:563:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(directory.c_str()) > 0)
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:593:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(title.c_str()) > 0)
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:704:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(timerinfo1.strTitle, newname, sizeof(timerinfo1.strTitle) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:768:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30200), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:783:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30201), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:800:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30205), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:814:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30202), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:843:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30204), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:856:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(types[*size].strDescription, XBMC->GetLocalizedString(30203), 64);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:911:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strChannelName, strChannelName, sizeof(tag.strChannelName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:933:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strTitle, strTitle, sizeof(tag.strTitle) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:936:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strEpisodeName, strEpisodeName, sizeof(tag.strEpisodeName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:937:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strPlotOutline, strEpisodeName, sizeof(tag.strEpisodeName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:940:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strPlot, strPlot, sizeof(tag.strPlot) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:943:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strDirectory, strDirectory, sizeof(tag.strDirectory) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:946:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strRecordingId, strRecordingId.c_str(), sizeof(tag.strRecordingId) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1082:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strChannelName, strChannelName, sizeof(tag.strChannelName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1091:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strTitle, strTitle, sizeof(tag.strTitle) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1094:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strEpisodeName, strEpisodeName, sizeof(tag.strEpisodeName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1095:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strPlotOutline, strEpisodeName, sizeof(tag.strEpisodeName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1098:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strPlot, strPlot, sizeof(tag.strPlot) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1101:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strDirectory, strDirectory, sizeof(tag.strDirectory) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1104:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strRecordingId, strRecordingId.c_str(), sizeof(tag.strRecordingId) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1326:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strGroupName, strGroupName, sizeof(tag.strGroupName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIData.cpp:1355:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strGroupName, group.strGroupName, sizeof(tag.strGroupName) - 1);
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIDemux.cpp:343:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qualityinfo.strAdapterName, m_Quality.fe_name.c_str(), sizeof(qualityinfo.strAdapterName));
data/kodi-pvr-vdr-vnsi-3.6.4/src/VNSIDemux.cpp:344:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qualityinfo.strAdapterStatus, m_Quality.fe_status.c_str(), sizeof(qualityinfo.strAdapterStatus));
data/kodi-pvr-vdr-vnsi-3.6.4/src/requestpacket.cpp:87:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string) + 1;
ANALYSIS SUMMARY:
Hits = 74
Lines analyzed = 8432 in approximately 0.88 seconds (9632 lines/second)
Physical Source Lines of Code (SLOC) = 6536
Hits@level = [0] 1 [1] 34 [2] 40 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 75 [1+] 74 [2+] 40 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 11.4749 [1+] 11.3219 [2+] 6.11995 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.