Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libantlr3c-3.4+dfsg/include/antlr3baserecognizer.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3errors.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3bitset.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3commontreenodestream.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3intstream.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3treeparser.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3defs.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3string.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3commontreeadaptor.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3basetreeadaptor.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3input.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3debugeventlistener.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3parser.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3encodings.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3interfaces.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3memory.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3tokenstream.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3exception.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3filestream.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3commontoken.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3lexer.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3cyclicdfa.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3parsetree.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3commontree.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3recognizersharedstate.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3collections.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3rewritestreams.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3basetree.h
Examining data/libantlr3c-3.4+dfsg/include/antlr3convertutf.h
Examining data/libantlr3c-3.4+dfsg/src/antlr3bitset.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3treeparser.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3baserecognizer.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3exception.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3lexer.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3commontreenodestream.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3cyclicdfa.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3encodings.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3commontreeadaptor.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3parser.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3tokenstream.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3rewritestreams.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3basetree.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3commontree.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3commontoken.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3inputstream.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3filestream.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3collections.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3intstream.c
Examining data/libantlr3c-3.4+dfsg/src/antlr3convertutf.cc
Examining data/libantlr3c-3.4+dfsg/src/antlr3string.c
Examining data/libantlr3c-3.4+dfsg/antlr3config.h
FINAL RESULTS:
data/libantlr3c-3.4+dfsg/include/antlr3defs.h:516:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define ANTLR3_PRINTF printf
data/libantlr3c-3.4+dfsg/include/antlr3defs.h:524:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define ANTLR3_FPRINTF fprintf
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:312:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (message, "grammar \"%s\n", delboy->grammarFileName->chars);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:554:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "enterRule\t%s\t%s\n", grammarFileName, ruleName);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:576:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "exitRule\t%s\t%s\n", grammarFileName, ruleName);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:767:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "exception\t%s\t%d\t%d\t%d\n", (char *)(e->name), (ANTLR3_INT32)(e->index), e->line, e->charPositionInLine);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:798:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
out = buffer + sprintf((char *)buffer, "semanticPredicate\t%s\t", result == ANTLR3_TRUE ? "true" : "false");
data/libantlr3c-3.4+dfsg/include/antlr3defs.h:496:45: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define ANTLR3_MEMCPY(target, source, size) memcpy((void *)(target), (const void *)(source), (size_t)(size))
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[64];
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:199:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "\tn%p[label=\"", child);
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:272:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[128];
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:282:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "\t\tn%p -> n%p\t\t// ", t, child);
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[64];
data/libantlr3c-3.4+dfsg/src/antlr3basetreeadaptor.c:392:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "\tn%p[label=\"", theTree);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[256];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:310:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (message, "ANTLR %d\n", delboy->PROTOCOL_VERSION);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:565:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "enterAlt\t%d\n", alt);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:583:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:587:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "enterSubRule\t%d\n", decisionNumber);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:598:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "exitSubRule\t%d\n", decisionNumber);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:609:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "enterDecision\t%d\n", decisionNumber);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:621:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "exitDecision\t%d\n", decisionNumber);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:698:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:700:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "mark\t%d\n", (ANTLR3_UINT32)(marker & 0xFFFFFFFF));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:712:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "rewind\t%d\n", (ANTLR3_UINT32)(marker & 0xFFFFFFFF));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:729:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:731:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "beginBacktrack\t%d\n", (ANTLR3_UINT32)(level & 0xFFFFFFFF));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:743:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "endBacktrack\t%d\t%d\n", level, successful);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:755:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "location\t%d\t%d\n", line, pos);
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:910:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:911:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "nilNode\t%d\n", delboy->adaptor->getUniqueID(delboy->adaptor, t));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1005:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1007:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "createNode\t%d\t%d\n", delboy->adaptor->getUniqueID(delboy->adaptor, node), (ANTLR3_UINT32)token->getTokenIndex(token));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1015:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1017:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "becomeRoot\t%d\t%d\n", delboy->adaptor->getUniqueID(delboy->adaptor, newRoot),
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1027:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1029:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "addChild\t%d\t%d\n", delboy->adaptor->getUniqueID(delboy->adaptor, root),
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1038:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:1040:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "becomeRoot\t%d\t%d\t%d\n", delboy->adaptor->getUniqueID(delboy->adaptor, t),
data/libantlr3c-3.4+dfsg/src/antlr3filestream.c:406:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (ANTLR3_FDSC)fopen((const char *)filename, mode);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:992:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)newbit, "%d", i);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1001:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)newbit, "%d", i);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1011:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)newbit, "%d", i);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1019:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)newbit, "%d", i);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1319:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi((const char *)(string->chars));
data/libantlr3c-3.4+dfsg/include/antlr3baserecognizer.h:144:13: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
void (*mismatch) (struct ANTLR3_BASE_RECOGNIZER_struct * recognizer,
data/libantlr3c-3.4+dfsg/src/antlr3baserecognizer.c:56:17: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static void mismatch (pANTLR3_BASE_RECOGNIZER recognizer, ANTLR3_UINT32 ttype, pANTLR3_BITSET_LIST follow);
data/libantlr3c-3.4+dfsg/src/antlr3baserecognizer.c:172:47: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
recognizer->mismatch = mismatch;
data/libantlr3c-3.4+dfsg/src/antlr3baserecognizer.c:642:1: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
mismatch(pANTLR3_BASE_RECOGNIZER recognizer, ANTLR3_UINT32 ttype, pANTLR3_BITSET_LIST follow)
data/libantlr3c-3.4+dfsg/src/antlr3collections.c:340:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = antlr3Hash(key, (ANTLR3_UINT32)strlen((const char *)key));
data/libantlr3c-3.4+dfsg/src/antlr3collections.c:492:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = antlr3Hash(key, (ANTLR3_UINT32)strlen((const char *)key));
data/libantlr3c-3.4+dfsg/src/antlr3collections.c:603:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = antlr3Hash(key, (ANTLR3_UINT32)strlen((const char *)key));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:311:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sockSend (delboy->socket, message, (int)strlen(message));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:313:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sockSend (delboy->socket, message, (int)strlen(message));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:325:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sockSend(delboy->socket, ptr, (int)strlen(ptr));
data/libantlr3c-3.4+dfsg/src/antlr3debughandlers.c:794:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (unsigned char *)ANTLR3_MALLOC(64 + 2*strlen(predicate));
data/libantlr3c-3.4+dfsg/src/antlr3string.c:598:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return factory->newPtr8(factory, ptr, (ANTLR3_UINT32)strlen((const char *)ptr));
data/libantlr3c-3.4+dfsg/src/antlr3string.c:609:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return factory->newPtr8(factory, ptr, (ANTLR3_UINT32)strlen((const char *)ptr));
data/libantlr3c-3.4+dfsg/src/antlr3string.c:803:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(newbit);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:826:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(newbit);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:881:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(chars);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:904:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(chars);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1033:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(newbit);
data/libantlr3c-3.4+dfsg/src/antlr3string.c:1071:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (ANTLR3_UINT32)strlen(newbit);
data/libantlr3c-3.4+dfsg/src/antlr3treeparser.c:38:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static void mismatch (pANTLR3_BASE_RECOGNIZER recognizer, ANTLR3_UINT32 ttype, pANTLR3_BITSET_LIST follow);
data/libantlr3c-3.4+dfsg/src/antlr3treeparser.c:83:29: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
parser->rec->mismatch = mismatch;
data/libantlr3c-3.4+dfsg/src/antlr3treeparser.c:174:1: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
mismatch (pANTLR3_BASE_RECOGNIZER recognizer, ANTLR3_UINT32 ttype, pANTLR3_BITSET_LIST follow)
ANALYSIS SUMMARY:
Hits = 77
Lines analyzed = 24685 in approximately 0.77 seconds (32025 lines/second)
Physical Source Lines of Code (SLOC) = 11886
Hits@level = [0] 2 [1] 22 [2] 48 [3] 0 [4] 7 [5] 0
Hits@level+ = [0+] 79 [1+] 77 [2+] 55 [3+] 7 [4+] 7 [5+] 0
Hits/KSLOC@level+ = [0+] 6.64647 [1+] 6.47821 [2+] 4.62729 [3+] 0.588928 [4+] 0.588928 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.