Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kodi-pvr-vuplus-3.28.9/src/Enigma2.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/Enigma2.h
Examining data/kodi-pvr-vuplus-3.28.9/src/client.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/client.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/ChannelGroups.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/ChannelGroups.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Channels.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Channels.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/ConnectionManager.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/ConnectionManager.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Epg.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Epg.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/IConnectionListener.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/IStreamReader.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/LocalizedString.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/RecordingReader.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/RecordingReader.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Recordings.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Recordings.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Settings.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Settings.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/StreamReader.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/StreamReader.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Timers.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/Timers.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/TimeshiftBuffer.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/TimeshiftBuffer.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/AutoTimer.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/AutoTimer.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/BaseChannel.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/BaseEntry.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/BaseEntry.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Channel.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Channel.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/ChannelGroup.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/ChannelGroup.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/EpgChannel.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/EpgEntry.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/EpgEntry.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/EpgPartialEntry.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Tags.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Timer.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Timer.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/EpgEntryExtractor.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/EpgEntryExtractor.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/EpisodeSeasonPattern.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/GenreIdMapper.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/GenreIdMapper.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/GenreRytecTextMapper.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/GenreRytecTextMapper.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/IExtractor.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/ShowInfoExtractor.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/ShowInfoExtractor.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/CurlFile.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/CurlFile.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/DeviceInfo.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/DeviceSettings.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/FileUtils.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/FileUtils.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/LocalizedString.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/Logger.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/Logger.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/SignalStatus.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/StreamStatus.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/Tuner.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/UpdateState.h
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/WebUtils.cpp
Examining data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/WebUtils.h
FINAL RESULTS:
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.h:49:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#if defined(snprintf)
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.h:50:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:261:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
versionPart = std::atoi(i->str().c_str());
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:265:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
versionPart = std::atoi(i->str().c_str());
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:269:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
versionPart = std::atoi(i->str().c_str());
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:435:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_deviceSettings.SetGlobalRecordingStartMargin(std::atoi(settingValue.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:440:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_deviceSettings.SetGlobalRecordingEndMargin(std::atoi(settingValue.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:661:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
signalStatus.m_snrPercentage = std::atoi(std::regex_replace(snrPercentage, regexReplacePercent, regexReplace).c_str()) * 655;
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:662:29: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
signalStatus.m_ber = std::atol(ber.c_str());
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.cpp:663:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
signalStatus.m_signalStrength = std::atoi(std::regex_replace(signalStrength, regexReplacePercent, regexReplace).c_str()) * 655;
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.h:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_serverName[256];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Admin.h:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_serverVersion[256];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Settings.cpp:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/AutoTimer.cpp:225:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m_weekdays = m_weekdays |= (1 << std::atoi(includeVal.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:158:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeInSecs += std::atoi(tokens[0].c_str()) * 60;
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:159:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeInSecs += std::atoi(tokens[1].c_str());
data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/ShowInfoExtractor.cpp:57:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entry.SetSeasonNumber(std::atoi(seasonText.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/ShowInfoExtractor.cpp:66:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entry.SetEpisodeNumber(std::atoi(episodeText.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/extract/ShowInfoExtractor.cpp:82:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entry.SetYear(std::atoi(yearText.c_str()));
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/CurlFile.cpp:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/CurlFile.cpp:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/FileUtils.cpp:126:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/FileUtils.cpp:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/WebUtils.cpp:34:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char SAFE[256] =
data/kodi-pvr-vuplus-3.28.9/src/enigma2/utilities/WebUtils.cpp:60:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char DEC2HEX[16 + 1] = "0123456789ABCDEF";
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.cpp:739:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(signalStatus.strServiceName, channel->GetChannelName().c_str(), sizeof(signalStatus.strServiceName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.cpp:740:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(signalStatus.strProviderName, channel->GetProviderName().c_str(), sizeof(signalStatus.strProviderName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.cpp:758:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(signalStatus.strAdapterName, m_signalStatus.m_adapterName.c_str(), sizeof(signalStatus.strAdapterName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/Enigma2.cpp:759:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(signalStatus.strAdapterStatus, m_signalStatus.m_adapterStatus.c_str(), sizeof(signalStatus.strAdapterStatus) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:371:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(properties[0].strName, PVR_STREAM_PROPERTY_STREAMURL, sizeof(properties[0].strName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:372:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(properties[0].strValue, enigma->GetLiveStreamURL(*channel).c_str(), sizeof(properties[0].strValue) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:382:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(properties[0].strName, "program", sizeof(properties[0].strName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:383:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(properties[0].strValue, strStreamProgramNumber.c_str(), sizeof(properties[0].strValue) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:635:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(properties[0].strName, "program", sizeof(properties[0].strName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/client.cpp:636:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(properties[0].strValue, strStreamProgramNumber.c_str(), sizeof(properties[0].strValue) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/ChannelGroups.cpp:85:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tag.strGroupName, groupName.c_str(), sizeof(tag.strGroupName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/RecordingReader.cpp:90:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_pos += read;
data/kodi-pvr-vuplus-3.28.9/src/enigma2/RecordingReader.cpp:91:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Timers.cpp:262:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strDescription, description.c_str(), sizeof(strDescription) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Timers.cpp:270:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(recordingGroup[i].strDescription, group.second.c_str(), sizeof(recordingGroup[i].strDescription) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/Timers.cpp:280:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(preventDuplicateEpisodes[i].strDescription, deDup.second.c_str(), sizeof(preventDuplicateEpisodes[i].strDescription) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/TimeshiftBuffer.cpp:95:70: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t write = XBMC->WriteFile(m_filebufferWriteHandle, buffer, read);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/AutoTimer.cpp:81:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strTitle, m_title.c_str(), sizeof(left.strTitle) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/AutoTimer.cpp:82:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strEpgSearchString, m_searchPhrase.c_str(), sizeof(left.strEpgSearchString) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Channel.cpp:238:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strChannelName, m_channelName.c_str(), sizeof(left.strChannelName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Channel.cpp:239:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(left.strInputFormat, "", 0); // unused
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Channel.cpp:242:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strIconPath, m_iconPath.c_str(), sizeof(left.strIconPath) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/ChannelGroup.cpp:127:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strGroupName, m_groupName.c_str(), sizeof(left.strGroupName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:168:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strRecordingId, m_recordingId.c_str(), sizeof(left.strRecordingId) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:169:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strTitle, m_title.c_str(), sizeof(left.strTitle) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:170:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strPlotOutline, m_plotOutline.c_str(), sizeof(left.strPlotOutline) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:171:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strPlot, m_plot.c_str(), sizeof(left.strPlot) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:172:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strChannelName, m_channelName.c_str(), sizeof(left.strChannelName) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:173:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strIconPath, m_iconPath.c_str(), sizeof(left.strIconPath) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:185:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strDirectory, m_directory.c_str(), sizeof(left.strDirectory) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/RecordingEntry.cpp:208:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strGenreDescription, m_genreDescription.c_str(), sizeof(left.strGenreDescription) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Timer.cpp:100:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strTitle, m_title.c_str(), sizeof(left.strTitle) - 1);
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Timer.cpp:101:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(left.strDirectory, "/", sizeof(left.strDirectory) - 1); // unused
data/kodi-pvr-vuplus-3.28.9/src/enigma2/data/Timer.cpp:102:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(left.strSummary, m_plot.c_str(), sizeof(left.strSummary) - 1);
ANALYSIS SUMMARY:
Hits = 59
Lines analyzed = 13262 in approximately 1.62 seconds (8207 lines/second)
Physical Source Lines of Code (SLOC) = 9094
Hits@level = [0] 11 [1] 34 [2] 23 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 70 [1+] 59 [2+] 25 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 7.69738 [1+] 6.48779 [2+] 2.74907 [3+] 0.219925 [4+] 0.219925 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.