Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libisoburn-1.5.2/libisoburn/burn_wrap.c
Examining data/libisoburn-1.5.2/libisoburn/isoburn.h
Examining data/libisoburn-1.5.2/libisoburn/data_source.c
Examining data/libisoburn-1.5.2/libisoburn/isoburn.c
Examining data/libisoburn-1.5.2/libisoburn/libisoburn.h
Examining data/libisoburn-1.5.2/libisoburn/isofs_wrap.c
Examining data/libisoburn-1.5.2/test/compare_file.c
Examining data/libisoburn-1.5.2/xorriso/drive_mgt.h
Examining data/libisoburn-1.5.2/xorriso/xorriso_timestamp.h
Examining data/libisoburn-1.5.2/xorriso/iso_img.h
Examining data/libisoburn-1.5.2/xorriso/iso_manip.h
Examining data/libisoburn-1.5.2/xorriso/write_run.c
Examining data/libisoburn-1.5.2/xorriso/xorriso_private.h
Examining data/libisoburn-1.5.2/xorriso/iso_tree.c
Examining data/libisoburn-1.5.2/xorriso/opts_i_o.c
Examining data/libisoburn-1.5.2/xorriso/cmp_update.c
Examining data/libisoburn-1.5.2/xorriso/findjob.c
Examining data/libisoburn-1.5.2/xorriso/parse_exec.c
Examining data/libisoburn-1.5.2/xorriso/text_io.c
Examining data/libisoburn-1.5.2/xorriso/emulators.h
Examining data/libisoburn-1.5.2/xorriso/disk_ops.h
Examining data/libisoburn-1.5.2/xorriso/filters.c
Examining data/libisoburn-1.5.2/xorriso/check_media.h
Examining data/libisoburn-1.5.2/xorriso/base_obj.c
Examining data/libisoburn-1.5.2/xorriso/disk_ops.c
Examining data/libisoburn-1.5.2/xorriso/sort_cmp.h
Examining data/libisoburn-1.5.2/xorriso/iso_img.c
Examining data/libisoburn-1.5.2/xorriso/xorriso_buildstamp.h
Examining data/libisoburn-1.5.2/xorriso/xorriso_buildstamp_none.h
Examining data/libisoburn-1.5.2/xorriso/misc_funct.h
Examining data/libisoburn-1.5.2/xorriso/read_run.c
Examining data/libisoburn-1.5.2/xorriso/misc_funct.c
Examining data/libisoburn-1.5.2/xorriso/lib_mgt.h
Examining data/libisoburn-1.5.2/xorriso/xorriso_main.c
Examining data/libisoburn-1.5.2/xorriso/aux_objects.c
Examining data/libisoburn-1.5.2/xorriso/iso_tree.h
Examining data/libisoburn-1.5.2/xorriso/read_run.h
Examining data/libisoburn-1.5.2/xorriso/drive_mgt.c
Examining data/libisoburn-1.5.2/xorriso/xorrisoburn.h
Examining data/libisoburn-1.5.2/xorriso/cmp_update.h
Examining data/libisoburn-1.5.2/xorriso/parse_exec.h
Examining data/libisoburn-1.5.2/xorriso/match.c
Examining data/libisoburn-1.5.2/xorriso/opts_a_c.c
Examining data/libisoburn-1.5.2/xorriso/base_obj.h
Examining data/libisoburn-1.5.2/xorriso/filters.h
Examining data/libisoburn-1.5.2/xorriso/make_xorriso_1.c
Examining data/libisoburn-1.5.2/xorriso/opts_p_z.c
Examining data/libisoburn-1.5.2/xorriso/sfile.c
Examining data/libisoburn-1.5.2/xorriso/sfile.h
Examining data/libisoburn-1.5.2/xorriso/check_media.c
Examining data/libisoburn-1.5.2/xorriso/iso_manip.c
Examining data/libisoburn-1.5.2/xorriso/findjob.h
Examining data/libisoburn-1.5.2/xorriso/match.h
Examining data/libisoburn-1.5.2/xorriso/xorriso.h
Examining data/libisoburn-1.5.2/xorriso/aux_objects.h
Examining data/libisoburn-1.5.2/xorriso/sort_cmp.c
Examining data/libisoburn-1.5.2/xorriso/write_run.h
Examining data/libisoburn-1.5.2/xorriso/text_io.h
Examining data/libisoburn-1.5.2/xorriso/emulators.c
Examining data/libisoburn-1.5.2/xorriso/lib_mgt.c
Examining data/libisoburn-1.5.2/xorriso/opts_d_h.c
Examining data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c
Examining data/libisoburn-1.5.2/releng/codesamples/api_3lib.cpp
Examining data/libisoburn-1.5.2/releng/codesamples/api_xorriso.cpp
FINAL RESULTS:
data/libisoburn-1.5.2/xorriso/aux_objects.c:995:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret= chmod(m->disk_path, m->stbuf.st_mode);
data/libisoburn-1.5.2/xorriso/aux_objects.c:1007:11: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
ret= chown(m->disk_path, m->stbuf.st_uid, m->stbuf.st_gid);
data/libisoburn-1.5.2/xorriso/disk_ops.c:78:7: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
l= readlink(lpt, buf, SfileadrL-1);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1647:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret= chmod(path_pt, mode);
data/libisoburn-1.5.2/xorriso/read_run.c:408:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret= chmod(disk_path, mode);
data/libisoburn-1.5.2/xorriso/read_run.c:438:9: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
ret= chown(disk_path, uid, gid); /* don't complain if it fails */
data/libisoburn-1.5.2/xorriso/read_run.c:456:13: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret= chmod(disk_path, mode);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:162:9: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(xorriso_path, xargv);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:181:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(boss.progname, argv[0]);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:272:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mark_line, "-mark %s\n", boss->pending_mark);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:402:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_payload, payload);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:403:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_payload + l, boss->reply_lines[i] + 5);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:477:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-msg_op read_sieve '%s'\n", names[i]);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:615:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(boss->prefix, argv[1]);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:618:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(boss->separators, argv[2]);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:851:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*argv)[0],progname);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:948:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*argv)[argzaehl],buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:951:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((*argv)[argzaehl],"-%s", buf);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:560:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(libburn_drive_adr, adr);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:979:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Cannot set write type %s for this medium.",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:981:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg + strlen(msg), "Reasons given:\n %s", reasons);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:984:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Explicitly chosen write type: %s",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:990:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Failed to find a suitable write type:\n%s", reasons);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1001:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Write_type = %s\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1467:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Found %d ISO sessions by scanning %s in %.f seconds",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1555:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Found %d ISO sessions by scanning %s in %.f seconds",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1973:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Failed to find %s %s", mode_names[adr_mode],
data/libisoburn-1.5.2/libisoburn/isoburn.c:1578:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(vol_uuid, opts->vol_uuid);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:588:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Pseudo drive '%s' does not allow reading", path);
data/libisoburn-1.5.2/test/compare_file.c:88:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%3s %2d %2.2d:%2.2d",
data/libisoburn-1.5.2/test/compare_file.c:91:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%3s %2d %4.4d",
data/libisoburn-1.5.2/test/compare_file.c:113:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(a, Ftypetxt(s1.st_mode, 1));
data/libisoburn-1.5.2/test/compare_file.c:117:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(a, adrc);
data/libisoburn-1.5.2/test/compare_file.c:304:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr1, argv[1]);
data/libisoburn-1.5.2/test/compare_file.c:305:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adrc, argv[1]+strlen(argv[2]));
data/libisoburn-1.5.2/test/compare_file.c:306:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr2, argv[3]);
data/libisoburn-1.5.2/test/compare_file.c:309:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(adr2, adrc);
data/libisoburn-1.5.2/xorriso/aux_objects.c:221:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(adr, "%s%d%s%d%s", Splitpart_wordS[0], partno, Splitpart_wordS[1],
data/libisoburn-1.5.2/xorriso/aux_objects.c:228:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(adr, Splitpart_wordS[3]);
data/libisoburn-1.5.2/xorriso/aux_objects.c:234:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(adr, Splitpart_wordS[4]);
data/libisoburn-1.5.2/xorriso/base_obj.c:127:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->rc_filenames[i],Xorriso_sys_rc_nameS[i]);
data/libisoburn-1.5.2/xorriso/base_obj.c:133:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->wdx, m->initial_wdx);
data/libisoburn-1.5.2/xorriso/check_media.c:625:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to->abort_file_path, from->abort_file_path);
data/libisoburn-1.5.2/xorriso/check_media.c:626:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to->data_to_path, from->data_to_path);
data/libisoburn-1.5.2/xorriso/check_media.c:632:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to->sector_map_path, from->sector_map_path);
data/libisoburn-1.5.2/xorriso/check_media.c:637:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to->event_severity, from->event_severity);
data/libisoburn-1.5.2/xorriso/check_media.c:714:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(job->event_severity, sev_text);
data/libisoburn-1.5.2/xorriso/check_media.c:812:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/check_media.c:817:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/check_media.c:823:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-check_media: Unknown option '%s'", argv[i]);
data/libisoburn-1.5.2/xorriso/check_media.c:857:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " use=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:861:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " what=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:868:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " retry=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:891:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " map_with_volid=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:898:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), "%d%s",
data/libisoburn-1.5.2/xorriso/check_media.c:901:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), "%s",
data/libisoburn-1.5.2/xorriso/check_media.c:905:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " report=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:911:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " bad_limit=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:917:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(report + strlen(report), " event=%s", job->event_severity);
data/libisoburn-1.5.2/xorriso/check_media.c:923:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(report, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/check_media.c:926:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(default_report, "-check_media_defaults reset=now %s",
data/libisoburn-1.5.2/xorriso/cmp_update.c:74:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (DISK) : cannot open() : %s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:84:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (DISK) : cannot lseek(%.f) : %s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:108:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (ISO) : cannot open() file in ISO image\n",iso_adr);
data/libisoburn-1.5.2/xorriso/cmp_update.c:157:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (DISK) : early EOF after %.f bytes\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:170:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (ISO) : early EOF after %.f bytes\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:181:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "- %s (DISK) : early EOF after %.f bytes\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:230:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s %s : differs by MD5 sums.\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:246:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s %s : differs by at least %.f bytes. First at %s%.f\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:340:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " (DISK) : exluded by %s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:356:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt),
data/libisoburn-1.5.2/xorriso/cmp_update.c:367:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(a, Ftypetxt(s1.st_mode, 1));
data/libisoburn-1.5.2/xorriso/cmp_update.c:410:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_mode : %7.7o <> %7.7o\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:419:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s type : %s <> %s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:459:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s ACL : %d difference%s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:480:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s xattr : %d difference%s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:488:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_uid : %lu <> %lu\n", a,
data/libisoburn-1.5.2/xorriso/cmp_update.c:495:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_gid : %lu <> %lu\n", a,
data/libisoburn-1.5.2/xorriso/cmp_update.c:504:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s %s st_rdev : %lu <> %lu\n", a,
data/libisoburn-1.5.2/xorriso/cmp_update.c:514:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_size : %.f <> %.f diff= %.f\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:522:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_mtime : %s <> %s diff= %.f s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:532:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_atime : %s <> %s diff= %.f s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:543:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s st_ctime : %s <> %s diff= %.f s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:574:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt,
data/libisoburn-1.5.2/xorriso/cmp_update.c:583:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s content : %s > %s diff= %.f s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:590:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt,
data/libisoburn-1.5.2/xorriso/cmp_update.c:598:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s dev_ino : differing\n", a);
data/libisoburn-1.5.2/xorriso/cmp_update.c:606:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt,
data/libisoburn-1.5.2/xorriso/cmp_update.c:612:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s dev_ino : no dev_ino stored with image node\n", a);
data/libisoburn-1.5.2/xorriso/cmp_update.c:625:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(part_path, iso_adr);
data/libisoburn-1.5.2/xorriso/cmp_update.c:642:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/cmp_update.c:700:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adrc, iso_path + strlen(iso_prefix) + 1);
data/libisoburn-1.5.2/xorriso/cmp_update.c:702:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adrc, iso_path + strlen(iso_prefix));
data/libisoburn-1.5.2/xorriso/cmp_update.c:915:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(part_path, iso_rr_path);
data/libisoburn-1.5.2/xorriso/cmp_update.c:988:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(part_path, iso_rr_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:104:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result_path, buf);
data/libisoburn-1.5.2/xorriso/disk_ops.c:169:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-uid: Not a known user: '%s'", uid_string);
data/libisoburn-1.5.2/xorriso/disk_ops.c:193:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-gid: Not a known group: '%s'", gid_string);
data/libisoburn-1.5.2/xorriso/disk_ops.c:291:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:403:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(show_path, rel_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:407:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, abs_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:480:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, abs_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:530:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(show_path, rel_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:533:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, abs_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:572:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line+strlen(xorriso->result_line), "%s\n",
data/libisoburn-1.5.2/xorriso/disk_ops.c:694:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rpt, perms);
data/libisoburn-1.5.2/xorriso/disk_ops.c:717:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%8s ", mm_text);
data/libisoburn-1.5.2/xorriso/disk_ops.c:985:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot lstat(%s)",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1000:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s in disk filesystem is not a directory",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1029:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sub_path, path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1045:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sub_name, name);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1060:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Directory not removed: %s",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1079:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s in disk filesystem is a directory",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1088:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1118:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot delete from disk filesystem %s",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1226:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->wdi, iso_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1228:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->wdi, wdi_mem);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1731:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(disk_path, "/%s", img_path + li + 1);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1733:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(disk_path, "%s/%s", dpfx, img_path + li + 1);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1735:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(disk_path, dpfx); /* img_path[li] is 0, img_path equals ipfx */
data/libisoburn-1.5.2/xorriso/disk_ops.c:1814:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1866:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(form, cpt);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1869:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(form, cpt);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1887:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-mount*: Unsupported system type %s",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1895:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(form,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1929:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cooked_dev, "/dev/cd%s", devadr + 8);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1932:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(form,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1973:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(xorriso->scdbackup_tag_written, "%s %s %s %s %s %s %s",
data/libisoburn-1.5.2/xorriso/disk_ops.c:1975:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "scdbackup tag written : %s %s %s %s\n",
data/libisoburn-1.5.2/xorriso/disk_ops.c:2068:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text + strlen(xorriso->info_text), ". %s", why);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:122:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:349:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Cannot re-assess drive '%s'", adr);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:351:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Cannot acquire drive '%s'", adr);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:665:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:682:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Volume id : '%s'\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:688:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "New volume id: '%s'\n", xorriso->volid);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:847:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*toc_text) + l, Xorriso_lst_get_text(lpt, 0));
data/libisoburn-1.5.2/xorriso/drive_mgt.c:871:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(drive_name, xorriso->outdev);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:873:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(off_name, xorriso->outdev_off_adr);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:875:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(off_name, drive_name);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:924:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->info_text, xorriso->result_line);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:956:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Media product: %s , ", product_id);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:962:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), "%s\n", manuf);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1034:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Drive current: %s '%s'\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1045:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Drive access : %s:%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1052:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Drive access : %s:%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1059:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Drive type : vendor '%s' product '%s' revision '%s'\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1069:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Drive id : '%s'\n", sno);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1086:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s", profile_name);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1217:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Media blocks : %d readable , %d %s , %d overall\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1226:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), ", %s free\n", mem_text);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1245:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "TOC layout : %3s , %9s , %10s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1248:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "TOC layout : %3s , %9s , %10s , %s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1280:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "ISO session : %3d , %9d , %9ds , %s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1297:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%13s: %3d , %9d , %9ds , \n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1359:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Incmp session: %3d , %9d , %9ds , %s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1362:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "ISO session : %3d , %9d , %9ds , %s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1365:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "ISO track : %3d , %9d , %9ds , %s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1371:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%13s: %3d , %9d , %9ds , \n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1377:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%13s: %3d , %9d , %9ds , \n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1413:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Media summary: %d session%s, %d data blocks, %s data",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1420:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), ", %s free", mem_text);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1535:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%d -dev '%s' ", i, adrpt);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1540:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s : '%-8.8s' '%s' \n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1644:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Format status: %s\n", status_text);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1844:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1867:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1874:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1890:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1899:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1905:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Write speed 0: %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1911:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1978:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "%s 0x%4.4X (%s)%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2012:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n", "Emulated (null-drive)");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2014:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2017:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2020:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2023:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2026:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n","Emulated (stdio-drive)");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2028:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "%s\n","Removable CD-ROM");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2029:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "Vendor_info : '%s'\n",dinfo->vendor);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2030:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "Identifikation : '%s'\n",dinfo->product);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2031:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt+strlen(respt), "Revision : '%s'\n",dinfo->revision);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2082:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Current: %s%s\n",profile_name,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2091:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "book type: %s (emulated booktype)\n", profile_name);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2132:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Product Id: %s\n", product_id);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2136:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Producer: %s\n", manuf);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2140:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Manufacturer: %s\n", manuf);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2152:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Manufacturer: '%s'\n", media_code1);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2155:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Media type: '%s'\n", media_code2);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2226:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2240:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2386:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2408:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2541:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2573:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3435:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "No %s drive acquired %s",
data/libisoburn-1.5.2/xorriso/emulators.c:103:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s\n", helptext[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:180:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mem_report_about_text, xorriso->report_about_text);
data/libisoburn-1.5.2/xorriso/emulators.c:196:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: ", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:220:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Ignored option ", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:229:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Option -audio not supported.", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:246:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(blank_mode, cpt);
data/libisoburn-1.5.2/xorriso/emulators.c:252:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: blank=", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:267:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev_adr, cpt);
data/libisoburn-1.5.2/xorriso/emulators.c:330:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Option -scanbus not supported.",
data/libisoburn-1.5.2/xorriso/emulators.c:378:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: much too large: %s",whom, argpt);
data/libisoburn-1.5.2/xorriso/emulators.c:414:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Unknown option ", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:420:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Surplus track source ", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:446:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s\n", blank_help[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:504:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: No output drive selected", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:573:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Job could not be performed properly.",
data/libisoburn-1.5.2/xorriso/emulators.c:749:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Ignored option ", whom);
data/libisoburn-1.5.2/xorriso/emulators.c:958:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ra_text, xorriso->report_about_text);
data/libisoburn-1.5.2/xorriso/emulators.c:962:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s\n", helptext[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:1015:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1160:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Unsupported option -%c", whom, *cpt);
data/libisoburn-1.5.2/xorriso/emulators.c:1184:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(esc_wdx, xorriso->wdx);
data/libisoburn-1.5.2/xorriso/emulators.c:1219:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathspec, eff_path);
data/libisoburn-1.5.2/xorriso/emulators.c:1314:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1365:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "re-directing all messages to %s\n",
data/libisoburn-1.5.2/xorriso/emulators.c:1372:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot open logfile: %s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:1387:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ra_text, xorriso->report_about_text);
data/libisoburn-1.5.2/xorriso/emulators.c:1468:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1477:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "iso_9660_level=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:1538:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->wdi, eff_path);
data/libisoburn-1.5.2/xorriso/emulators.c:1652:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1676:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1745:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: %s",
data/libisoburn-1.5.2/xorriso/emulators.c:1827:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Not enough arguments to option %s",
data/libisoburn-1.5.2/xorriso/emulators.c:2036:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "untranslated_name_len=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2165:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathspec, xorriso->ascii_disc_label);
data/libisoburn-1.5.2/xorriso/emulators.c:2180:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathspec, cpt);
data/libisoburn-1.5.2/xorriso/emulators.c:2191:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:2209:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "sparc_label=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2218:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "grub2_sparc_core=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2260:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:2306:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Unsupported option %s",
data/libisoburn-1.5.2/xorriso/emulators.c:2312:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-as %s: Unrecognized option %s",
data/libisoburn-1.5.2/xorriso/emulators.c:2337:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_path, iso_rr_pt);
data/libisoburn-1.5.2/xorriso/emulators.c:2560:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "id_string=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2562:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "sel_crit=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2567:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "isohybrid=%s", argpt + 13);
data/libisoburn-1.5.2/xorriso/emulators.c:2587:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "iso_mbr_part_type=%s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2640:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "%s=%.16s", argpt + 1, argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2666:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "-as mkisofs %s %s", argpt, argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:2681:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfe, "-as mkisofs %s %s", argpt, argv[i]);
data/libisoburn-1.5.2/xorriso/filters.c:210:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_name, old_name);
data/libisoburn-1.5.2/xorriso/filters.c:241:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_name, "%s%s", old_name, suffix);
data/libisoburn-1.5.2/xorriso/filters.c:455:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s : Banned at compile time.", purpose);
data/libisoburn-1.5.2/xorriso/filters.c:479:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:706:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/findjob.c:992:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->arg1, creator);
data/libisoburn-1.5.2/xorriso/findjob.c:993:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->arg2, hfs_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:255:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "%s %s\n", head, hr);
data/libisoburn-1.5.2/xorriso/iso_img.c:303:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Volume Id : %s\n", un0(iso_image_get_volume_id(image)));
data/libisoburn-1.5.2/xorriso/iso_img.c:305:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Volume Set Id: %s\n", xorriso->volset_id);
data/libisoburn-1.5.2/xorriso/iso_img.c:307:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Publisher Id : %s\n", xorriso->publisher);
data/libisoburn-1.5.2/xorriso/iso_img.c:309:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Preparer Id : %s\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:312:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "App Id : %s\n", xorriso->application_id);
data/libisoburn-1.5.2/xorriso/iso_img.c:314:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "System Id : %s\n", xorriso->system_id);
data/libisoburn-1.5.2/xorriso/iso_img.c:316:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "CopyrightFile: %s\n", xorriso->copyright_file);
data/libisoburn-1.5.2/xorriso/iso_img.c:318:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Abstract File: %s\n", xorriso->abstract_file);
data/libisoburn-1.5.2/xorriso/iso_img.c:320:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Biblio File : %s\n", xorriso->biblio_file);
data/libisoburn-1.5.2/xorriso/iso_img.c:351:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Volume ID: '%s'",iso_image_get_volume_id(volume));
data/libisoburn-1.5.2/xorriso/iso_img.c:423:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image isolinux %s\n", bspec);
data/libisoburn-1.5.2/xorriso/iso_img.c:447:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s bin_path=", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:454:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s emul_type=%s\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:460:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s platform_id=0x%-2.2x\n", form, platform_id);
data/libisoburn-1.5.2/xorriso/iso_img.c:465:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s boot_info_table=%s\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:472:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image grub grub2_boot_info=%s\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:479:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s load_size=full", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:482:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s load_size=%lu\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:493:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s sel_crit=", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:505:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s id_string=", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:519:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image isolinux partition_entry=%s\n", partition_entry);
data/libisoburn-1.5.2/xorriso/iso_img.c:548:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any hppa_%s=", what);
data/libisoburn-1.5.2/xorriso/iso_img.c:589:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any mips%s_path=", sa_type ==2 ? "el" : "");
data/libisoburn-1.5.2/xorriso/iso_img.c:633:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "-boot_image any appended_part_as=%s\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:697:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s patch\n",
data/libisoburn-1.5.2/xorriso/iso_img.c:701:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s keep\n", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:704:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s discard\n", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:713:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image %s cat_path=", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:722:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s cat_hidden=%s\n", form, hpt);
data/libisoburn-1.5.2/xorriso/iso_img.c:756:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image %s next\n", form);
data/libisoburn-1.5.2/xorriso/iso_img.c:880:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sa_summary, sa_report[i] + 21);
data/libisoburn-1.5.2/xorriso/iso_img.c:892:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt, "Boot record : (system area only) , %s\n", sa_summary);
data/libisoburn-1.5.2/xorriso/iso_img.c:907:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(respt + strlen(respt), " , %s", sa_summary);
data/libisoburn-1.5.2/xorriso/iso_img.c:979:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/iso_img.c:1112:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(libburn_adr, "stdio:%s", dev);
data/libisoburn-1.5.2/xorriso/iso_img.c:1176:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", mount_command);
data/libisoburn-1.5.2/xorriso/iso_img.c:1179:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Mount command: %s\n", mount_command);
data/libisoburn-1.5.2/xorriso/iso_img.c:1185:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", mount_command);
data/libisoburn-1.5.2/xorriso/iso_img.c:1378:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s : First sector already occupied by %s",
data/libisoburn-1.5.2/xorriso/iso_img.c:1453:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:1502:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmds[*cmd_count], buf);
data/libisoburn-1.5.2/xorriso/iso_img.c:1521:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf + strlen(buf), "--interval:%s:%.f%s-%.f%s:",
data/libisoburn-1.5.2/xorriso/iso_img.c:1875:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(contentpt, "%d %s %s %s %x %x %d %lu",
data/libisoburn-1.5.2/xorriso/iso_img.c:2233:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "-append_partition %d %s ", idx + 1, part_type_text);
data/libisoburn-1.5.2/xorriso/iso_img.c:2633:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "-boot_image %s bin_path=", et_imgs[idx].boot_image_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:2639:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "-boot_image %s efi_path=", et_imgs[idx].boot_image_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:2827:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", lines[i]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2924:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:206:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(img_name, trunc_name);
data/libisoburn-1.5.2/xorriso/iso_manip.c:335:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:339:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:422:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Cannot open as source directory: %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:471:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(img_name, name);
data/libisoburn-1.5.2/xorriso/iso_manip.c:480:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:566:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "User revoked adding of: %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:574:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:594:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Grafting failed: %s = %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:608:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Did not follow mount point : %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:928:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:978:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1120:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1141:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1280:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-cut_out: Unsupported file type (%s) with ",
data/libisoburn-1.5.2/xorriso/iso_manip.c:1388:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1416:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s in loaded ISO image is not a directory",
data/libisoburn-1.5.2/xorriso/iso_manip.c:1437:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sub_path, path);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1453:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sub_name, name);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1469:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Directory not removed: %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:1479:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s in loaded ISO image is a directory",
data/libisoburn-1.5.2/xorriso/iso_manip.c:1491:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1509:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1533:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1548:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Kept in existing state: %s",
data/libisoburn-1.5.2/xorriso/iso_manip.c:1577:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1606:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: May not overwrite directory: ", activity);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1611:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: May not overwrite: ", activity);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1620:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: User revoked removal of: ", activity);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1704:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir_adr, eff_dest);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1722:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir_adr, eff_origin);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1848:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir_adr, eff_dest);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1938:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_origin, "%s/%s", origin, namept);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1939:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_dest, "%s/%s", dest, namept);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2557:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:2828:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "HFS blessing '%s' revoked from ",
data/libisoburn-1.5.2/xorriso/iso_manip.c:2831:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "HFS blessing '%s' issued to ", target);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2895:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "-hfs-bless-by %s ", bless_code);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2900:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_manip.c:2923:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "-hfsplus-file-creator-type %s ", crtp);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2928:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_manip.c:3330:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Report layout: %8s , %8s , %8s , %s\n",
data/libisoburn-1.5.2/xorriso/iso_manip.c:3334:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/iso_tree.c:84:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, wd);
data/libisoburn-1.5.2/xorriso/iso_tree.c:93:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:149:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_path, link_target);
data/libisoburn-1.5.2/xorriso/iso_tree.c:213:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_path, path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:441:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpt, npt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:721:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "# owner: %s\n", pwd->pw_name);
data/libisoburn-1.5.2/xorriso/iso_tree.c:728:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "# group: %s\n", grp->gr_name);
data/libisoburn-1.5.2/xorriso/iso_tree.c:756:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*acl_text + strlen(*acl_text), "%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:775:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*acl_text + strlen(*acl_text), "default:%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:777:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*acl_text + strlen(*acl_text), "%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:870:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->result_line, bsl);
data/libisoburn-1.5.2/xorriso/iso_tree.c:875:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_tree.c:882:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*attr_text, xorriso->result_line);
data/libisoburn-1.5.2/xorriso/iso_tree.c:965:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, bsl);
data/libisoburn-1.5.2/xorriso/iso_tree.c:971:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, comp);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1320:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(type_text, text);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1433:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(show_path, rel_path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1437:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, abs_path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1501:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(show_path, rel_path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1504:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, abs_path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1528:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line+strlen(xorriso->result_line), "%s\n",
data/libisoburn-1.5.2/xorriso/iso_tree.c:2379:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(disk_path, source_path);
data/libisoburn-1.5.2/xorriso/iso_tree.c:2418:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->result_line, type_text);
data/libisoburn-1.5.2/xorriso/iso_tree.c:2443:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->result_line, type_text);
data/libisoburn-1.5.2/xorriso/iso_tree.c:2698:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:2726:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_tree.c:2729:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "# file: %s\n", bsl_path[0] ? bsl_path : ".");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:112:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(handler_prefix, "%s : ", xorriso->progname);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:172:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:232:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s", reason);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:449:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sfe, msg_text_pt);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:678:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso_id, Xorriso_timestamP);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:828:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-jigdo: unknown aspect '%s'", aspect);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:846:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-jigdo %s : unknown argument '%s'", aspect, arg);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:860:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Experienced libjte failure with: -jigdo %s %s",
data/libisoburn-1.5.2/xorriso/lib_mgt.c:919:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Local ACL : %s\n", ret & 1 ? "yes" : "no");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:921:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Local xattr : %s\n", ret & 2 ? "yes" : "no");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:924:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Jigdo files : %s\n",
data/libisoburn-1.5.2/xorriso/lib_mgt.c:933:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "zisofs : %s\n", ret == 2 ? "yes" : "no");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:936:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Ext. filters : %s\n",
data/libisoburn-1.5.2/xorriso/lib_mgt.c:948:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "DVD obs 64 kB: %s\n",
data/libisoburn-1.5.2/xorriso/lib_mgt.c:956:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Readline : %s\n",
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:172:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "No closing bracket found for '%s'", envelope);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:190:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpt, front);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:195:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpt, back);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:322:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line_out, line_in + 7);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:391:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, word);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:398:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, line_out);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:401:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, remainder);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:434:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line_out, line_in);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:455:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line_out, buf);
data/libisoburn-1.5.2/xorriso/match.c:67:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(absolute_adr,"%s/%s",wd,adr);
data/libisoburn-1.5.2/xorriso/match.c:106:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr_part,cpt);
data/libisoburn-1.5.2/xorriso/match.c:156:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Your '..' bonked at the %s directory.",
data/libisoburn-1.5.2/xorriso/match.c:180:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->reg_expr,adr);
data/libisoburn-1.5.2/xorriso/match.c:202:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot compile regular expression : %s",
data/libisoburn-1.5.2/xorriso/match.c:350:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:601:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:615:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:621:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:669:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir_adr, xorriso->wdx);
data/libisoburn-1.5.2/xorriso/match.c:726:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir_adr, xorriso->wdx);
data/libisoburn-1.5.2/xorriso/match.c:783:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/misc_funct.c:524:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, code);
data/libisoburn-1.5.2/xorriso/misc_funct.c:702:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%s %s %2.2d %2.2d:%2.2d:%2.2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:706:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%s %2.2d %2.2d:%2.2d:%2.2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:718:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%2d %3s %4.4d %2.2d:%2.2d:%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:722:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%3s %2d %2.2d:%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:725:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rpt+strlen(rpt), "%3s %2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:851:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*handle,old_handle);
data/libisoburn-1.5.2/xorriso/misc_funct.c:922:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpt, rpt);
data/libisoburn-1.5.2/xorriso/misc_funct.c:979:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpt, vars[i][1]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1323:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_target, target_prefix);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1333:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(eff_target, source_pt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:72:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->abstract_file, name);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:87:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-acl: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:146:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(source, optv[i]);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:153:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(source, ept+1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:166:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, source);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:180:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, eff_path);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:184:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(source, eff_path);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:189:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Added to ISO image: %s '%s'='%s'\n",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:231:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-add_plainly: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:307:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:334:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:372:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->application_id,name);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:406:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:410:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:431:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:485:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->assert_volid_sev, sev_text);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:498:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-auto_charset: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:544:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-backslash_codes: unknown mode '%s'", cpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:571:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->biblio_file, name);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:590:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:597:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:632:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:650:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:664:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:816:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:825:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_cat_path, xorriso->boot_image_bin_path);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:832:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_bin_form, formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:840:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_bin_form, formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:858:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_bin_path, treatpt + 9);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:872:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_bin_form, formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:884:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_bin_path, treatpt + 9);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:895:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s mips_path=", formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:908:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s mipsel_path=", formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:931:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s sparc_label=", formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:946:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s %s", formpt, treatpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:956:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:971:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s %s", formpt, treatpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1002:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1026:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1055:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(eff_path, "-boot_image %s partition_table=", formpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1066:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1089:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1142:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1154:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1165:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1185:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1199:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1220:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1230:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1246:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1260:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1285:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1306:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1353:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1364:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Unrecognized options with -boot_image: %s %s",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1426:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, xorriso->wdi);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1451:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->wdi, namept);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1490:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, xorriso->wdx);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1550:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-changes_pending: unknown state code '%s'",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1583:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1603:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-%scharset: Cannot convert to charset ",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1620:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Character set for %sconversion is now: ",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1870:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s: %10d , %10d , %s\n",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2389:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(delimiter_mem, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2390:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(delimiter, argv[*idx + 1]);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2391:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, delimiter);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2394:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, delimiter_mem);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2418:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, delimiter);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2422:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, delimiter_mem);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2440:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->copyright_file, name);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2473:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest_dir, eff_dest);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2500:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_dest, dest_dir);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2570:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest_dir, eff_dest);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2584:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_dest, dest_dir);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2597:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Added to ISO image: %s '%s'='%s'\n",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2649:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest_dir, eff_dest);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2699:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_dest, dest_dir);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2722:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2771:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2779:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2785:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:84:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:92:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:185:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-dialog: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:203:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-disk_dev_ino: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:221:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-disk_pattern: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:247:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:324:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-drive_class clear : unknown class '%s'",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:331:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-drive_class: unknown class '%s'", d_class);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:378:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-early_stdio_test: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:398:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-ecma119_map: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:536:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:552:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-error_behavior: unknown occasion '%s'",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:571:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:636:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Extracted from ISO image: %s '%s'='%s'\n",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:660:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:669:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:676:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:699:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:927:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1080:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1391:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1519:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-follow: Value too %s with '%s'",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1527:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-follow: unknown mode '%s'", cpt);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1714:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-hardlinks: unknown mode '%s' in '%s'",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:2504:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,"usage: %s [settings|actions]\n",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:2515:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,"%s\n",tpt);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:2534:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-hfsplus: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:71:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-iso_rr_pattern: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:98:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-joliet: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:180:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, text);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:340:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot open logfile: %s", fileadr);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:572:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Added to ISO image: %s '%s'='%s'\n",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:634:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: Not enough arguments given (%d < 3)", cmd,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:674:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg2v[arg2c], eff_target);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:692:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(opt2v[new_opt2c], eff_source);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:709:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg2v[arg2c], eff_source);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:757:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: disk_path ", cmd);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1039:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1081:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-mount_opts: unknown option '%s'", cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1211:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", pargv[i]);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1220:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1230:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", Xorriso__severity_list(0));
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1233:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-msg_op: unknown operation '%s'", what);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1267:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest_dir, eff_dest);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1278:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eff_dest, dest_dir);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1345:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-named_pipe_loop: unknown mode in '%s'",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1407:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Cannot add pattern: %s ",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1430:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Empty file name given with %s",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1527:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-not_mgt: unknown setting '%s'", what);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1598:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text + strlen(xorriso->info_text), "%s ", hpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1601:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->info_text, num_descr > 1 ? " ... " : " ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1602:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->info_text, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1625:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->info_text, num_descr > 1 ? " ... " : " ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1626:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xorriso->info_text, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1703:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"+ %d: %s\n",linecount,line);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1797:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-osirrox: unknown mode '%s'", cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1816:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1834:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-overwrite: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:52:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:58:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:66:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-pacifier: unknown behavior code '%s'", style);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:131:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:139:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:145:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-paste_in from %s to %s, byte %.f to %.f",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:170:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Empty file name given with %s",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:256:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-pathspecs: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:285:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->preparer_id, name);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:306:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Output text too long for -print%s(%d > %d)",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:312:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"%s\n", text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:315:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->info_text, xorriso->mark_text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:316:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->mark_text, text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:318:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->mark_text, xorriso->info_text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:320:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,"%s\n",text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:419:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->publisher,name);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:472:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-read_fs: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:499:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-reassure: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:622:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, eff_path);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:628:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Removed from ISO image: %s '%s'\n",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:662:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-rockridge: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:734:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-rom_toc_scan: unknown mode in '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:758:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->rr_reloc_dir, name);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:773:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->scdbackup_tag_name, recname);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:794:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-scsi_dev_family: unknown family '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:811:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-scsi_log: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:885:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_path, line + 8);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:893:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uid, line + 9);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:901:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gid, line + 9);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:920:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1153:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_path, line + 8);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1169:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1327:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-sh_style_result: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1362:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-signal_handling: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1474:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1592:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->system_id, name);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1959:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-use_immed_bit: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1984:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%sxorriso %d.%d.%d%s\n",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1998:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2003:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "Version timestamp : %s\n",Xorriso_timestamP);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2005:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2013:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", license_text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2033:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", license_text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2080:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->volid, volid);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2096:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->volset_id, name);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2134:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->vol_uuid, timestring);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2136:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2183:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-write_type: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2204:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-xattr: unknown mode '%s'", mode);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2237:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2278:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-zisofs: unknown mode '%s'", cpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:108:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s : Not enough arguments given", cmd);
data/libisoburn-1.5.2/xorriso/parse_exec.c:129:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*optv)[i], argv[idx + i]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:137:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:191:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+l, " %s", filev[i]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:219:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(severity, xorriso->eternal_problem_status_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:222:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(severity, xorriso->problem_status_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:269:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->problem_status_text, sev_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:273:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->eternal_problem_status_text, sev_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:323:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:330:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:360:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: not enough arguments", cmd);
data/libisoburn-1.5.2/xorriso/parse_exec.c:390:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:434:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: unknown address mode '%s'", cmd, adr_mode);
data/libisoburn-1.5.2/xorriso/parse_exec.c:450:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: address value too long (80 < %d)",
data/libisoburn-1.5.2/xorriso/parse_exec.c:455:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(entity_id, adr_value);
data/libisoburn-1.5.2/xorriso/parse_exec.c:465:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:500:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd_data, original_cmd);
data/libisoburn-1.5.2/xorriso/parse_exec.c:649:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Unknown option : '%s'", argv[0]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:806:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "#%s\n", commands[i] + 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:808:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "-%s\n", commands[i]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:919:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/parse_exec.c:991:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Command: %s", argv[*idx]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:994:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Parameter: %s", argv[*idx + i]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:1516:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:1767:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2014:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Not a known command: '%s'\n",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2085:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Incomplete quotation in %s line: %s",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2175:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line,xorriso->pending_option);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2222:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*arg, *argpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2251:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mem_list_delimiter, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2421:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Not a known command: '%s'\n",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2430:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, mem_list_delimiter);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2568:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, xorriso->progname);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2626:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->vol_uuid, num_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2633:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2637:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "SOURCE_DATE_EPOCH : -volume_date uuid %s",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2640:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2701:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2719:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mem_list_delimiter, xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2775:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->list_delimiter, mem_list_delimiter);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2802:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr, wd);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2812:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr, name);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2821:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(adr, norm_adr);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2853:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: Unrecognized type '%s'", cmd, time_type);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2860:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: Cannot decode timestring '%s'", cmd,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2866:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Understanding timestring '%s' as: %s",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2881:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2887:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2931:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*argv)[i], in_argv[i]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2977:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prog, argv[0]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2998:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prog, "%s/%s", cpt, argv[0]);
data/libisoburn-1.5.2/xorriso/parse_exec.c:3037:4: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(prog, argv); /* should never come back */
data/libisoburn-1.5.2/xorriso/parse_exec.c:3125:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Disk path parameter excluded by %s : ",
data/libisoburn-1.5.2/xorriso/read_run.c:228:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s : fs=%d dev=%.f ino=%.f (%s)",
data/libisoburn-1.5.2/xorriso/read_run.c:236:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s : dev=%.f ino=%.f",
data/libisoburn-1.5.2/xorriso/read_run.c:375:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:764:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Ignored file type: %s ", what);
data/libisoburn-1.5.2/xorriso/read_run.c:781:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:815:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Cannot restore file type '%s'", what);
data/libisoburn-1.5.2/xorriso/read_run.c:824:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:1073:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(part_path, img_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1314:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Cannot open as (ISO) source directory: %s",
data/libisoburn-1.5.2/xorriso/read_run.c:1340:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Is not a directory in ISO image: %s",
data/libisoburn-1.5.2/xorriso/read_run.c:1393:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, leaf_name);
data/libisoburn-1.5.2/xorriso/read_run.c:1394:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(disk_name, leaf_name);
data/libisoburn-1.5.2/xorriso/read_run.c:1670:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/sfile.c:154:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path+l,addon+1);
data/libisoburn-1.5.2/xorriso/sfile.c:156:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path+l,addon);
data/libisoburn-1.5.2/xorriso/sfile.c:320:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(zeitcode,puff);
data/libisoburn-1.5.2/xorriso/sfile.c:324:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(zeitcode,puff);
data/libisoburn-1.5.2/xorriso/sfile.c:368:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result,form,value);
data/libisoburn-1.5.2/xorriso/sfile.c:376:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result,form,value,scale_c);
data/libisoburn-1.5.2/xorriso/sfile.c:670:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*argv)[0],progname);
data/libisoburn-1.5.2/xorriso/sfile.c:767:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*argv)[argzaehl],buf);
data/libisoburn-1.5.2/xorriso/sfile.c:770:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((*argv)[argzaehl],"-%s", buf);
data/libisoburn-1.5.2/xorriso/sfile.c:823:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(target, source);
data/libisoburn-1.5.2/xorriso/sfile.c:825:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, source);
data/libisoburn-1.5.2/xorriso/sfile.c:841:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileadr,filename);
data/libisoburn-1.5.2/xorriso/sfile.c:847:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileadr,home);
data/libisoburn-1.5.2/xorriso/sfile.c:850:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileadr,filename);
data/libisoburn-1.5.2/xorriso/text_io.c:353:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, Xorriso_lst_get_text(xorriso->buffered_dialog, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:395:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linept, cpt);
data/libisoburn-1.5.2/xorriso/text_io.c:418:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Incomplete input line cleared by %s",
data/libisoburn-1.5.2/xorriso/text_io.c:458:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:542:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(previous_line,cpt);
data/libisoburn-1.5.2/xorriso/text_io.c:543:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:555:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:560:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "....... ( %s revoked )\n",abort_req_text);
data/libisoburn-1.5.2/xorriso/text_io.c:565:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:615:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->pending_option,cpt);
data/libisoburn-1.5.2/xorriso/text_io.c:792:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info_text,xorriso->info_text);
data/libisoburn-1.5.2/xorriso/text_io.c:799:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->info_text,info_text);
data/libisoburn-1.5.2/xorriso/text_io.c:1062:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prefix,"%s:x: ",channel_prefixes[channel_no]);
data/libisoburn-1.5.2/xorriso/text_io.c:2412:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line,"%s\n",xorriso->mark_text);
data/libisoburn-1.5.2/xorriso/text_io.c:2414:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->info_text,xorriso->result_line);
data/libisoburn-1.5.2/xorriso/text_io.c:2465:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "----------------- %s %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2468:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->result_line, "%s\n", msg_text);
data/libisoburn-1.5.2/xorriso/text_io.c:2475:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "ERRFILE_MARK=%s %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2478:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "ERRFILE=%s\n", msg_text);
data/libisoburn-1.5.2/xorriso/text_io.c:2534:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prefix,"%s%s : ", pfx_list[(flag>>2)&15], sev_text);
data/libisoburn-1.5.2/xorriso/text_io.c:2562:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(text, prefix);
data/libisoburn-1.5.2/xorriso/text_io.c:2571:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(text + strlen(text) - 1, " : %s\n", strerror(os_errno));
data/libisoburn-1.5.2/xorriso/text_io.c:2616:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Really perform %s which will %s ? (y/n)\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2623:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s confirmed", cmd);
data/libisoburn-1.5.2/xorriso/text_io.c:2628:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s aborted", cmd);
data/libisoburn-1.5.2/xorriso/text_io.c:2632:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s revoked", cmd);
data/libisoburn-1.5.2/xorriso/text_io.c:2651:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-session_log: Cannot open file %s",
data/libisoburn-1.5.2/xorriso/text_io.c:2737:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image %s %s", form, spec);
data/libisoburn-1.5.2/xorriso/text_io.c:2800:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-list_delimiter %s\n", xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/text_io.c:2825:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-use_readline %s\n", (xorriso->use_stdin?"off":"on"));
data/libisoburn-1.5.2/xorriso/text_io.c:2830:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-sh_style_result %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2875:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-pkt_output %s\n",(xorriso->packet_output?"on":"off"));
data/libisoburn-1.5.2/xorriso/text_io.c:2881:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-logfile %s %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2888:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-errfile_log %s\n",Text_shellsafe(xorriso->errfile_log,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:2894:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-check_media_defaults reset=now %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2914:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-signal_handling %s\n", treatment);
data/libisoburn-1.5.2/xorriso/text_io.c:2924:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-error_behavior image_loading %s\n", treatment);
data/libisoburn-1.5.2/xorriso/text_io.c:2933:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-error_behavior file_extraction %s\n", treatment);
data/libisoburn-1.5.2/xorriso/text_io.c:2938:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-mark %s\n",Text_shellsafe(xorriso->mark_text,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:2951:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-prog %s\n",Text_shellsafe(xorriso->progname,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:2960:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-early_stdio_test %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2991:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-osirrox %s\n", mode_pt);
data/libisoburn-1.5.2/xorriso/text_io.c:2993:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-osirrox %s:%s:%s:%s:%s:%s\n", mode_pt,
data/libisoburn-1.5.2/xorriso/text_io.c:3004:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-mount_opts %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3031:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image any partition_cyl_align=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3039:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image %s partition_table=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3047:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any mbr_force_bootable=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3069:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any part_like_isohybrid=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3089:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any gpt_disk_guid=%s",
data/libisoburn-1.5.2/xorriso/text_io.c:3102:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-boot_image any chrp_boot_part=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3108:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image any prep_boot_part=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3114:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image any efi_boot_part=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3123:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-boot_image isolinux isohybrid=%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3158:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line + strlen(line),"%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3161:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-cdx %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3178:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-add_plainly %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3188:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-not_paths %s %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3193:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-not_leaf %s\n", Text_shellsafe(leafs->text, sfe, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:3206:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-file_size_limit off %s\n", xorriso->list_delimiter);
data/libisoburn-1.5.2/xorriso/text_io.c:3208:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-file_size_limit %.f %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3214:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-not_mgt %s:%s:%s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3231:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-iso_rr_pattern %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3238:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-disk_pattern %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3245:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volid %s\n",Text_shellsafe(xorriso->volid,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3250:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"# loaded image effective -volid %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3257:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-preparer_id %s\n",Text_shellsafe(xorriso->preparer_id,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3262:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-publisher %s\n",Text_shellsafe(xorriso->publisher,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3267:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-application_id %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3273:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-system_id %s\n", Text_shellsafe(xorriso->system_id,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3278:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volset_id %s\n", Text_shellsafe(xorriso->volset_id,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3283:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date c %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3290:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date m %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3298:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date x %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3305:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date f %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3312:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date uuid %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3318:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-volume_date all_file_dates %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3324:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-copyright_file %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3330:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-biblio_file %s\n",Text_shellsafe(xorriso->biblio_file,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3335:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-abstract_file %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3341:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-application_use %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3347:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-joliet %s\n", (xorriso->do_joliet == 1 ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3352:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-rockridge %s\n", (xorriso->do_rockridge == 1 ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3357:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-hfsplus %s\n", (xorriso->do_hfsplus == 1 ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3370:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-jigdo %s %s\n", Xorriso_lst_get_text(plst, 0),
data/libisoburn-1.5.2/xorriso/text_io.c:3391:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-pathspecs %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3416:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-follow %s\n", mode+1);
data/libisoburn-1.5.2/xorriso/text_io.c:3421:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-overwrite %s\n",(xorriso->do_overwrite == 1 ? "on" :
data/libisoburn-1.5.2/xorriso/text_io.c:3427:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-reassure %s\n",(xorriso->do_reassure == 1 ? "on" :
data/libisoburn-1.5.2/xorriso/text_io.c:3433:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-read_speed %s\n", Xorriso__speedname(xorriso->read_speed));
data/libisoburn-1.5.2/xorriso/text_io.c:3438:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-close %s\n",xorriso->auto_close ? "as_needed" :
data/libisoburn-1.5.2/xorriso/text_io.c:3444:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-write_type %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3450:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-dummy %s\n",(xorriso->do_dummy ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3455:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-speed %s\n", Xorriso__speedname(xorriso->write_speed));
data/libisoburn-1.5.2/xorriso/text_io.c:3469:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-stream_recording %s\n", mode);
data/libisoburn-1.5.2/xorriso/text_io.c:3493:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-modesty_on_drive %s\n", mode);
data/libisoburn-1.5.2/xorriso/text_io.c:3501:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-dvd_obs %s\n", mode);
data/libisoburn-1.5.2/xorriso/text_io.c:3554:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-padding %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3560:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-report_about %s\n",xorriso->report_about_text);
data/libisoburn-1.5.2/xorriso/text_io.c:3565:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-scsi_log %s\n", xorriso->scsi_log ? "on" : "off");
data/libisoburn-1.5.2/xorriso/text_io.c:3570:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-session_log %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3576:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-pacifier '%s'\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3588:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-return_with %s %d\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3594:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-abort_on %s\n",xorriso->abort_on_text);
data/libisoburn-1.5.2/xorriso/text_io.c:3611:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-rom_toc_scan %s:%s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3620:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-displacement %s%lu\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3629:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-load %s ", load_names[adr_mode]);
data/libisoburn-1.5.2/xorriso/text_io.c:3633:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line+strlen(line),"%s\n", xorriso->image_start_value);
data/libisoburn-1.5.2/xorriso/text_io.c:3635:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line+strlen(line),"%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3642:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-read_fs %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3650:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-calm_drive %s\n", xorriso->do_calm_drive & 1 ? "on" : "off");
data/libisoburn-1.5.2/xorriso/text_io.c:3656:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-grow_blindly %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3664:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-local_charset %s\n", Text_shellsafe(local_charset, sfe, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:3682:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-charset %s\n", Text_shellsafe(in_pt, sfe, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:3686:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-in_charset %s\n", Text_shellsafe(in_pt, sfe, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:3689:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-out_charset %s\n", Text_shellsafe(out_pt, sfe, 0));
data/libisoburn-1.5.2/xorriso/text_io.c:3694:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-auto_charset %s\n", (xorriso->do_aaip & 256 ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3704:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-hardlinks %s:%s:%s\n", form,
data/libisoburn-1.5.2/xorriso/text_io.c:3713:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-acl %s\n", (xorriso->do_aaip & 1 ? "on" : "off"));
data/libisoburn-1.5.2/xorriso/text_io.c:3717:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-xattr %s\n", (xorriso->do_aaip & 4 ?
data/libisoburn-1.5.2/xorriso/text_io.c:3723:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-disk_dev_ino %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3771:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-compliance %s\n", sfe);
data/libisoburn-1.5.2/xorriso/text_io.c:3804:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-drive_class 'banned' %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3809:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-drive_class 'caution' %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3814:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-drive_class 'harmless' %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3821:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-drive_access %s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3828:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "-scsi_dev_family %s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3858:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-dev %s\n", Text_shellsafe(xorriso->indev,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3863:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-drive_access %s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3869:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-indev %s\n", Text_shellsafe(xorriso->indev,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3872:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-drive_access %s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3880:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-drive_access %s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3886:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-outdev %s\n", Text_shellsafe(xorriso->outdev,sfe,0));
data/libisoburn-1.5.2/xorriso/text_io.c:3889:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"-drive_access %s:%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3974:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s %s%s in",
data/libisoburn-1.5.2/xorriso/text_io.c:3978:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%.f of %.f %s%s in",
data/libisoburn-1.5.2/xorriso/text_io.c:3989:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:4020:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %s %.1fx%s",
data/libisoburn-1.5.2/xorriso/text_io.c:4025:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:4067:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4079:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s: cannot create find job object", cmd);
data/libisoburn-1.5.2/xorriso/text_io.c:4340:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4381:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4390:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4458:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(exec_argv[0], exec_argv);
data/libisoburn-1.5.2/xorriso/text_io.c:4480:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4563:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4604:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4728:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_text + w, in_text);
data/libisoburn-1.5.2/xorriso/write_run.c:332:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:338:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Automatic formatting of %s failed",
data/libisoburn-1.5.2/xorriso/write_run.c:693:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso->boot_image_cat_path, bin_path);
data/libisoburn-1.5.2/xorriso/write_run.c:1229:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xorriso_id, xorriso->preparer_id);
data/libisoburn-1.5.2/xorriso/write_run.c:1234:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Overwrote previous preparer id '%s'",
data/libisoburn-1.5.2/xorriso/write_run.c:1473:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Writing to %s completed successfully.\n\n",
data/libisoburn-1.5.2/xorriso/write_run.c:1522:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1687:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1699:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Writing: %10ds %s%% ",
data/libisoburn-1.5.2/xorriso/write_run.c:1703:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Writing: %10ds %s ",
data/libisoburn-1.5.2/xorriso/write_run.c:1713:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %5.1fx%s ",
data/libisoburn-1.5.2/xorriso/write_run.c:1825:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1832:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Beginning to blank medium in mode '%s'.\n",
data/libisoburn-1.5.2/xorriso/write_run.c:1857:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Blanking ( %s %d seconds )",
data/libisoburn-1.5.2/xorriso/write_run.c:1989:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,"Media current: %s (%4.4xh)",
data/libisoburn-1.5.2/xorriso/write_run.c:2027:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Formatting ( %s %d seconds )",
data/libisoburn-1.5.2/xorriso/write_run.c:2098:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2131:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "%s as_needed: no need for action detected",
data/libisoburn-1.5.2/xorriso/write_run.c:2375:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2378:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:2383:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "Explicitly chosen write type: %s",
data/libisoburn-1.5.2/xorriso/write_run.c:2391:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:2695:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xorriso->info_text, "-compliance: unknown rule '%s'",
data/libisoburn-1.5.2/xorriso/parse_exec.c:2551:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
cpt= getenv("MKISOFSRC");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2559:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
cpt= getenv("HOME");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2597:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sec_text= getenv("SOURCE_DATE_EPOCH");
data/libisoburn-1.5.2/xorriso/sfile.c:842:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home= getenv("HOME");
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pending_mark[16];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progname[1024];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[1024];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char separators[256];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:141:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *xargv[8];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:172:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[4096];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:185:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(boss.pending_mark, "%d", boss.mark_count);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mark_line[32];
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:271:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(boss->pending_mark, "%d", boss->mark_count);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32769], *line, *npt;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:727:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rpt, *wpt, num_text[8], wdummy[8];
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:74:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int isoburn_initialize(char msg[1024], int flag)
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:192:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg + strlen(msg), "libjte-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:195:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:197:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg + strlen(msg),
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:209:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "Cannot initialize libisofs\n");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:214:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "libisofs-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:219:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:221:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"- TOO OLD -, need at least libisofs-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:230:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "suspicious, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:232:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"- TOO OLD -, need at least libisofs-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:240:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "Cannot initialize libburn\n");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:245:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "libburn-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:251:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:253:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "- TOO OLD -, need at least libburn-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:260:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg), "for libisoburn-%d.%d.%d", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:361:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:462:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "ROM medium has libburn track count = %d", track_count);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[80];
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:930:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:957:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:960:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1000:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(reasons, "%d", (int) write_type);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1316:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, info, 64*1024);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1347:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, buffer, 64*1024);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1464:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size_text, "%.f MB", ((double) scan_count) / 512.0);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1466:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size_text, "%.f kB", 2 * (double) scan_count);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1505:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1524:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "ISO image size %ds larger than readable size %ds",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1552:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size_text, "%.f MB", ((double) scan_count) / 512.0);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1554:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size_text, "%.f kB", 2 * (double) scan_count);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1563:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "ISO image size %ds larger than readable size %ds",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1879:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *image_blocks, char volid[33], int flag)
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1944:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33], *msg= NULL;
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1966:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
adr_num= atoi(adr_value);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:2050:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:2082:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Program error: Unknown msc1 address mode %d", adr_mode);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:2090:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:2106:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int adr_mode, char *adr_value,
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:2108:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33], int flag)
data/libisoburn-1.5.2/libisoburn/data_source.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/data_source.c:133:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, tiles[i]->cache_data + (lba - aligned_lba) * 2048, 2048);
data/libisoburn-1.5.2/libisoburn/data_source.c:159:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) tiles[oldest]->cache_data,
data/libisoburn-1.5.2/libisoburn/data_source.c:174:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "ds_read_block(%lu) returns %lX",
data/libisoburn-1.5.2/libisoburn/data_source.c:189:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, tiles[oldest]->cache_data + (lba - aligned_lba) * 2048, 2048);
data/libisoburn-1.5.2/libisoburn/isoburn.c:384:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buf, o->target_iso_head,
data/libisoburn-1.5.2/libisoburn/isoburn.c:667:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Waiting for data in fifo since %d seconds", i/30);
data/libisoburn-1.5.2/libisoburn/isoburn.c:678:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/isoburn.c:898:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/isoburn.c:908:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Requested size of data cache exceeds limit of %.f blocks",
data/libisoburn-1.5.2/libisoburn/isoburn.c:1366:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/isoburn.c:1511:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], char timestamp[19],
data/libisoburn-1.5.2/libisoburn/isoburn.c:1511:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], char timestamp[19],
data/libisoburn-1.5.2/libisoburn/isoburn.c:1524:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[32768], int options)
data/libisoburn-1.5.2/libisoburn/isoburn.c:1536:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opts->system_area_data, data, 32768);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1544:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[32768], int *options)
data/libisoburn-1.5.2/libisoburn/isoburn.c:1549:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, opts->system_area_data, 32768);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1572:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[17])
data/libisoburn-1.5.2/libisoburn/isoburn.c:1702:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/isoburn.c:1706:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Partition number is out of range (1 ... %d)",
data/libisoburn-1.5.2/libisoburn/isoburn.c:1746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/isoburn.c:1750:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Partition number is out of range (1 ... %d)",
data/libisoburn-1.5.2/libisoburn/isoburn.c:1795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/isoburn.c:1799:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Partition number is out of range (1 ... %d)",
data/libisoburn-1.5.2/libisoburn/isoburn.c:1805:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opts->appended_part_type_guids[partition_number - 1], guid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1825:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guids[i], opts->appended_part_type_guids[i], 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1886:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opts->iso_gpt_type_guid, guid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1895:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, opts->iso_gpt_type_guid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opts->gpt_guid, guid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1920:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, opts->gpt_guid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1944:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(opts->hfsp_serial_number, serial_number, 8);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1952:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(serial_number, opts->hfsp_serial_number, 8);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1960:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/libisoburn-1.5.2/libisoburn/isoburn.c:1966:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Not a supported HFS+ size (%d <-> 0, 512, 2048)",
data/libisoburn-1.5.2/libisoburn/isoburn.c:1974:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Not a supported APM block size (%d <-> 0, 512, 2048)",
data/libisoburn-1.5.2/libisoburn/isoburn.h:644:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_name[81];
data/libisoburn-1.5.2/libisoburn/isoburn.h:645:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_time[19];
data/libisoburn-1.5.2/libisoburn/isoburn.h:669:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[17];
data/libisoburn-1.5.2/libisoburn/isoburn.h:699:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *appended_partitions[Libisoburn_max_appended_partitionS];
data/libisoburn-1.5.2/libisoburn/isoburn.h:739:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_disc_label[Libisoburn_disc_label_sizE];
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:234:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "No ISO 9660 image at LBA %d. Creating blank image.", int_num);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:244:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Displacement offset leads outside 32 bit range.");
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:504:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:678:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head + 16 * 2048 + 1, "CDXX1", 5);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:685:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head + i + 1, "BEAX1", 5);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:687:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head + i + 1, "NSRX", 4);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:689:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head + i + 1, "TEAX", 4);
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:691:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if(((unsigned char *) head)[i] == 0xff)
data/libisoburn-1.5.2/libisoburn/isofs_wrap.c:693:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head + i + 3, "XX", 2);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:189:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int isoburn_initialize(char msg[1024], int flag);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:702:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *image_blocks, char volid[33], int flag);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:765:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int adr_mode, char *adr_value,
data/libisoburn-1.5.2/libisoburn/libisoburn.h:767:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33], int flag);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:1552:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], char timestamp[19],
data/libisoburn-1.5.2/libisoburn/libisoburn.h:1552:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], char timestamp[19],
data/libisoburn-1.5.2/libisoburn/libisoburn.h:1632:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[32768], int options);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:1634:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[32768], int *options);
data/libisoburn-1.5.2/libisoburn/libisoburn.h:1706:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[17]);
data/libisoburn-1.5.2/test/compare_file.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag)
data/libisoburn-1.5.2/test/compare_file.c:75:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag)
data/libisoburn-1.5.2/test/compare_file.c:79:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char months[12][4]= { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
data/libisoburn-1.5.2/test/compare_file.c:86:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%12.f", (double) t);
data/libisoburn-1.5.2/test/compare_file.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[4096], buf2[4096], a[4096], ttx1[40], ttx2[40];
data/libisoburn-1.5.2/test/compare_file.c:190:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd1= open(adr1, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/test/compare_file.c:195:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd2= open(adr2, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/test/compare_file.c:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char adr1[4096], adr2[4096], adrc[4096];
data/libisoburn-1.5.2/xorriso/aux_objects.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cpt, *ept, scale[4];
data/libisoburn-1.5.2/xorriso/aux_objects.c:275:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char adr[SfileadrL];
data/libisoburn-1.5.2/xorriso/aux_objects.c:384:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Dirseq_next_adr(struct DirseQ *o, char reply[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/aux_objects.c:526:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->text,data,data_len);
data/libisoburn-1.5.2/xorriso/aux_objects.c:955:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(m->stbuf), stbuf, sizeof(struct stat));
data/libisoburn-1.5.2/xorriso/aux_objects.c:988:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/aux_objects.c:998:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/aux_objects.c:1014:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/aux_objects.h:62:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Dirseq_next_adr(struct DirseQ *o, char reply[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/base_obj.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Xorriso_sys_rc_nameS[Xorriso_rc_nuM][80]= {
data/libisoburn-1.5.2/xorriso/base_obj.c:137:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->list_delimiter, "--");
data/libisoburn-1.5.2/xorriso/base_obj.c:170:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->volid, "ISOIMAGE");
data/libisoburn-1.5.2/xorriso/base_obj.c:386:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->report_about_text, "UPDATE");
data/libisoburn-1.5.2/xorriso/base_obj.c:389:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->abort_on_text,"FAILURE");
data/libisoburn-1.5.2/xorriso/base_obj.c:401:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->return_with_text, "SORRY");
data/libisoburn-1.5.2/xorriso/check_media.c:137:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if(debug_verbous) {char quality_name[80];
data/libisoburn-1.5.2/xorriso/check_media.c:208:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Spotlist__quality_name(int quality, char name[80], int bad_limit,
data/libisoburn-1.5.2/xorriso/check_media.c:208:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Spotlist__quality_name(int quality, char name[80], int bad_limit,
data/libisoburn-1.5.2/xorriso/check_media.c:214:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "0 ");
data/libisoburn-1.5.2/xorriso/check_media.c:216:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "- ");
data/libisoburn-1.5.2/xorriso/check_media.c:218:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "+ ");
data/libisoburn-1.5.2/xorriso/check_media.c:220:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "good");
data/libisoburn-1.5.2/xorriso/check_media.c:222:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "md5_match");
data/libisoburn-1.5.2/xorriso/check_media.c:224:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "slow");
data/libisoburn-1.5.2/xorriso/check_media.c:226:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "partial");
data/libisoburn-1.5.2/xorriso/check_media.c:228:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "valid");
data/libisoburn-1.5.2/xorriso/check_media.c:230:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "untested");
data/libisoburn-1.5.2/xorriso/check_media.c:232:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "md5_mismatch");
data/libisoburn-1.5.2/xorriso/check_media.c:234:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "invalid");
data/libisoburn-1.5.2/xorriso/check_media.c:236:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "tao_end");
data/libisoburn-1.5.2/xorriso/check_media.c:238:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "off_track");
data/libisoburn-1.5.2/xorriso/check_media.c:240:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "unreadable");
data/libisoburn-1.5.2/xorriso/check_media.c:242:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "0 0x%8.8X", (unsigned int) quality);
data/libisoburn-1.5.2/xorriso/check_media.c:301:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd= open(path, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/xorriso/check_media.c:305:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "Cannot open path ");
data/libisoburn-1.5.2/xorriso/check_media.c:316:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "Not a sector bitmap file: ");
data/libisoburn-1.5.2/xorriso/check_media.c:348:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Cannot allocate bitmap memory for %d sectors", sectors);
data/libisoburn-1.5.2/xorriso/check_media.c:360:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(map + i, buf, todo);
data/libisoburn-1.5.2/xorriso/check_media.c:378:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[40];
data/libisoburn-1.5.2/xorriso/check_media.c:381:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd= open(path, O_WRONLY | O_CREAT | O_BINARY, S_IRUSR | S_IWUSR);
data/libisoburn-1.5.2/xorriso/check_media.c:385:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "Cannot open path ");
data/libisoburn-1.5.2/xorriso/check_media.c:395:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "Info string is longer than 999999 bytes");
data/libisoburn-1.5.2/xorriso/check_media.c:398:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *) buf, "xorriso sector bitmap v2 %-6d\n", l);
data/libisoburn-1.5.2/xorriso/check_media.c:405:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "Cannot write to ");
data/libisoburn-1.5.2/xorriso/check_media.c:584:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->abort_file_path, "/var/opt/xorriso/do_abort_check_media");
data/libisoburn-1.5.2/xorriso/check_media.c:596:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(m->event_severity, "ALL");
data/libisoburn-1.5.2/xorriso/check_media.c:653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sev_text[20];
data/libisoburn-1.5.2/xorriso/check_media.c:708:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-check_media event=");
data/libisoburn-1.5.2/xorriso/check_media.c:710:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " : Not a known severity name");
data/libisoburn-1.5.2/xorriso/check_media.c:761:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/check_media.c:853:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report, "-check_media_defaults");
data/libisoburn-1.5.2/xorriso/check_media.c:855:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(report, " reset=now");
data/libisoburn-1.5.2/xorriso/check_media.c:864:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " min_lba=%d", job->min_lba);
data/libisoburn-1.5.2/xorriso/check_media.c:866:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " max_lba=%d", job->max_lba);
data/libisoburn-1.5.2/xorriso/check_media.c:871:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " time_limit=%d", job->time_limit);
data/libisoburn-1.5.2/xorriso/check_media.c:873:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " item_limit=%d", job->item_limit);
data/libisoburn-1.5.2/xorriso/check_media.c:875:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(report, " abort_file=");
data/libisoburn-1.5.2/xorriso/check_media.c:881:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(report, " data_to=");
data/libisoburn-1.5.2/xorriso/check_media.c:887:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(report, " sector_map=");
data/libisoburn-1.5.2/xorriso/check_media.c:894:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " patch_lba0=");
data/libisoburn-1.5.2/xorriso/check_media.c:896:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), "off");
data/libisoburn-1.5.2/xorriso/check_media.c:909:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " slow_limit=%f", job->slow_threshold_seq);
data/libisoburn-1.5.2/xorriso/check_media.c:915:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(report + strlen(report), " chunk_size=%ds", job->min_block_size);
data/libisoburn-1.5.2/xorriso/check_media.c:969:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-check_media: Reached item_limit=%d",
data/libisoburn-1.5.2/xorriso/check_media.c:1084:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
job->data_to_fd= open(job->data_to_path, O_RDWR | O_CREAT | O_BINARY,
data/libisoburn-1.5.2/xorriso/check_media.c:1087:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot open path ");
data/libisoburn-1.5.2/xorriso/check_media.h:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Spotlist__quality_name(int quality, char name[80], int bad_limit,
data/libisoburn-1.5.2/xorriso/check_media.h:78:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Spotlist__quality_name(int quality, char name[80], int bad_limit,
data/libisoburn-1.5.2/xorriso/check_media.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abort_file_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/check_media.h:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_to_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/check_media.h:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sector_map_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/check_media.h:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char event_severity[20]; /* If not "ALL": trigger event of given severity
data/libisoburn-1.5.2/xorriso/cmp_update.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_md5[16], iso_md5[16];
data/libisoburn-1.5.2/xorriso/cmp_update.c:72:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd1= open(disk_adr, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/xorriso/cmp_update.c:229:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(offset_text, "%.f+", (double) offset);
data/libisoburn-1.5.2/xorriso/cmp_update.c:241:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(offset_text, "%.f+", (double) offset);
data/libisoburn-1.5.2/xorriso/cmp_update.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ttx1[40], ttx2[40];
data/libisoburn-1.5.2/xorriso/cmp_update.c:338:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(respt, "? ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:354:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(respt, "? ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:373:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(a, " (DISK)");
data/libisoburn-1.5.2/xorriso/cmp_update.c:378:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(a, " :");
data/libisoburn-1.5.2/xorriso/cmp_update.c:384:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(respt, "? ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:386:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(respt, " (ISO) : cannot find this file in ISO image\n");
data/libisoburn-1.5.2/xorriso/cmp_update.c:686:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_pfx_disk_path(struct XorrisO *xorriso, char *iso_path,
data/libisoburn-1.5.2/xorriso/cmp_update.c:687:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *iso_prefix, char *disk_prefix,
data/libisoburn-1.5.2/xorriso/cmp_update.c:687:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *iso_prefix, char *disk_prefix,
data/libisoburn-1.5.2/xorriso/cmp_update.c:688:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/cmp_update.c:806:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Missing on disk and in ISO: disk_path ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:828:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Problems with reading disk file ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:871:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Deleted and re-added ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:879:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Deleted ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:967:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Widened hard link ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:969:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Added/overwrote ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:1006:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Adjusted attributes of ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:1017:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " (");
data/libisoburn-1.5.2/xorriso/cmp_update.c:1025:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " (");
data/libisoburn-1.5.2/xorriso/cmp_update.h:20:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_pfx_disk_path(struct XorrisO *xorriso, char *iso_path,
data/libisoburn-1.5.2/xorriso/cmp_update.h:21:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *iso_prefix, char *disk_prefix,
data/libisoburn-1.5.2/xorriso/cmp_update.h:21:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *iso_prefix, char *disk_prefix,
data/libisoburn-1.5.2/xorriso/cmp_update.h:22:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.c:45:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_resolve_link(struct XorrisO *xorriso, char *link_path,
data/libisoburn-1.5.2/xorriso/disk_ops.c:46:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:58:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Too many link recursions before : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:82:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain link target of : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:87:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:97:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Empty link target with : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:137:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Too many link hops with : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[80];
data/libisoburn-1.5.2/xorriso/disk_ops.c:162:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"%.f",num);
data/libisoburn-1.5.2/xorriso/disk_ops.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[80];
data/libisoburn-1.5.2/xorriso/disk_ops.c:186:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text,"%.f",num);
data/libisoburn-1.5.2/xorriso/disk_ops.c:312:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:325:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Detected symbolic link loop around : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:334:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:387:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain disk directory iterator");
data/libisoburn-1.5.2/xorriso/disk_ops.c:501:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *) filev[j]);
data/libisoburn-1.5.2/xorriso/disk_ops.c:569:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%-7.f ",(double) (report_size));
data/libisoburn-1.5.2/xorriso/disk_ops.c:571:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%7.f ",(double) (report_size));
data/libisoburn-1.5.2/xorriso/disk_ops.c:589:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *) filev[i]);
data/libisoburn-1.5.2/xorriso/disk_ops.c:602:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso__mode_to_perms(mode_t st_mode, char perms[11], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:606:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(perms,"--------- ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:664:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rpt, perms[11], mm_text[80];
data/libisoburn-1.5.2/xorriso/disk_ops.c:696:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt)," %3u ",(unsigned int) stbuf->st_nlink);
data/libisoburn-1.5.2/xorriso/disk_ops.c:698:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%-8lu ", (unsigned long) stbuf->st_uid);
data/libisoburn-1.5.2/xorriso/disk_ops.c:699:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%-8lu ", (unsigned long) stbuf->st_gid);
data/libisoburn-1.5.2/xorriso/disk_ops.c:716:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mm_text, "%u,%u", (unsigned int) major, (unsigned int) minor);
data/libisoburn-1.5.2/xorriso/disk_ops.c:719:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%8.f ", (double) stbuf->st_size);
data/libisoburn-1.5.2/xorriso/disk_ops.c:834:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Not found in local filesystem: ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:843:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Valid local files found: %d\n",filec-was_error);
data/libisoburn-1.5.2/xorriso/disk_ops.c:873:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, ":\n");
data/libisoburn-1.5.2/xorriso/disk_ops.c:883:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "total %d\n", dfilec);
data/libisoburn-1.5.2/xorriso/disk_ops.c:919:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt, "%-7.f ",(double) (size/1024));
data/libisoburn-1.5.2/xorriso/disk_ops.c:921:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt, "%7.f ",(double) (size/1024));
data/libisoburn-1.5.2/xorriso/disk_ops.c:925:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, " -> ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:992:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "May not delete root directory");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1071:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-rm_rx is not implemented yet");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1211:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Emptied directory ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1230:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "d ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1232:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1313:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dir_stbuf, &stbuf, sizeof(struct stat));
data/libisoburn-1.5.2/xorriso/disk_ops.c:1343:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain disk directory iterator");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1357:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Failed to obtain next directory entry");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1530:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1533:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1536:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1539:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1546:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1561:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Kept in existing state: ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1590:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp_path, "_tmp_xorriso_restore_XXXXXX");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1591:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
*fd= mkstemp(tmp_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1595:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Cannot create temporary file : ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1649:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1702:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_path[SfileadrL], char disk_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1702:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_path[SfileadrL], char disk_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1771:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Hardlinking failed: ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1773:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " -> ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1808:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp= fopen(filename+5,mode);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1810:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp= fopen(filename,mode);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1831:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_make_mount_cmd(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1832:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int lba, int track, int session, char *volid,
data/libisoburn-1.5.2/xorriso/disk_ops.c:1833:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *devadr, char result[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1833:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *devadr, char result[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *vars[5][2], *sfe= NULL, *volid_sfe= NULL, *cpt, *sysname;
data/libisoburn-1.5.2/xorriso/disk_ops.c:1938:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(session_text, "%d", session);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1939:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(track_text, "%d", track);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1940:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lba_text, "%d", lba);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1967:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[81], name[81], timestamp[81], size[81], md5[81];
data/libisoburn-1.5.2/xorriso/disk_ops.c:1980:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp= fopen(xorriso->scdbackup_tag_listname, "a");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1982:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-scdbackup_tag: Cannot open file ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:2065:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:2089:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:2105:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd= open(target, O_WRONLY | O_TRUNC | O_CREAT | O_BINARY, 0666);
data/libisoburn-1.5.2/xorriso/disk_ops.c:2114:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd= open(target, O_WRONLY | O_CREAT | O_BINARY, 0666);
data/libisoburn-1.5.2/xorriso/disk_ops.c:2119:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:2137:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-concat: Unknown mode ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:2139:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, ". Known modes: overwrite, append, pipe");
data/libisoburn-1.5.2/xorriso/disk_ops.c:2144:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.c:2157:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/disk_ops.h:20:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *link_path, char result_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:20:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *link_path, char result_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:36:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso__mode_to_perms(mode_t st_mode, char perms[11], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:112:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_path[SfileadrL], char disk_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:112:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_path[SfileadrL], char disk_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:120:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_make_mount_cmd(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/disk_ops.h:121:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int lba, int track, int session, char *volid,
data/libisoburn-1.5.2/xorriso/disk_ops.h:122:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *devadr, char result[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/disk_ops.h:122:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *devadr, char result[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:92:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Drive address ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:94:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:110:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Drive address ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:112:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " rejected because: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:114:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, "not MMC");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:116:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, "not existing");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:117:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " and -drive_class 'caution' ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:143:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Drive address banned by -ban_stdio_write : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33], *adr_data= NULL, *adr_pt;
data/libisoburn-1.5.2/xorriso/drive_mgt.c:248:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:266:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:271:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(libburn_adr, "stdio:/dev/fd/%d", xorriso->dev_fd_1);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:293:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:298:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No drive acquired on re-assessment");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:362:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:415:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(volid, "%d", lba);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:445:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Disc status unsuitable for writing");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:472:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:498:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:568:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:588:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Cannot read ISO image tree");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:727:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Giving up for -eject whole -dev ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:741:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:773:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:794:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:810:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "The output drive was acquired readonly.");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:812:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Possible remedy: -drive_access \"exclusive:unrestricted\".");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:813:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text," Then give up and re-acquire the drive.");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:816:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "If you insist in -drive_access \"shared:unrestricted\", first read man xorriso about the risks.");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:879:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Gave up -outdev ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:889:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Re-assessing -outdev ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:892:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " (");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:901:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Could not re-assess -outdev ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:960:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt + strlen(respt), "(not found in manufacturer list)\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:964:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt + strlen(respt), "(error during manufacturer lookup)\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:999:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80],*respt,*devadr, *typetext= "";
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1005:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80], *num_free_text;
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1012:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_id[33];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1082:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Media current: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1088:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "%4.4Xh", profile_no);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1090:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), ", Pseudo Overwrite formatted");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1092:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), ", overwriteable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1094:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), ", random read-only");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1096:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), ", random write-only");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1098:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), ", sequential");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1101:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is not recognizable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1112:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Media status : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1114:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is unsuitable , is POW formatted");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1117:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is not recognizable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1119:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is written , is closed");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1121:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is written , is appendable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1123:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is blank");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1125:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is not present");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1127:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "is not recognizable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1131:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), " , but next track is damaged");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1133:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), " , but no writable address");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1137:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), " , but will need -close on");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1141:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), " , but will need -close \"on\"");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1151:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Media id : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1154:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "%2.2X", (unsigned int) ((unsigned char *) sno)[i]);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1154:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sprintf(respt, "%2.2X", (unsigned int) ((unsigned char *) sno)[i]);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1158:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(respt, "...");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1200:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1223:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Media summary: 0 sessions, 0 data blocks, 0 data");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1234:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1266:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain Table Of Content");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1348:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1426:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Non-data blks: %d\n", other_data);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1433:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Media nwa : %ds\n", nwa);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1439:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1446:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Incomplete session encountered !");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1467:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *respt, perms[8];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1473:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Beginning to scan for devices ...\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1487:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No drives found");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1491:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Full drive scan done\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1494:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-----------------------------------------------------------------------------\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1499:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(adr, "-get_adr_failed-");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1514:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(adr, "-get_adr_failed-");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1517:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(perms,"errno=%d",errno);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1519:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(perms,"------");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1544:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-----------------------------------------------------------------------------\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status_text[80], profile_name[90], *respt;
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1615:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain format list info");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1627:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "unformatted, up to %.1f MiB",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1632:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "formatted, with %.1f MiB",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1635:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "written, with %.1f MiB",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1639:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "intermediate or unknown");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1641:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "no media or unknown media");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1643:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(status_text, "illegal status according to MMC-5");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1648:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "BD Spare Area: %d blocks consumed, %d blocks available\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1657:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Format idx %-2d: %2.2Xh , %.fs , %.1f MiB\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is_current[64];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1773:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain speed list info");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1780:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1796:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1838:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Write speed : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1840:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Read speed : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1866:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Write speed l: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1873:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Write speed h: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1887:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Write speed L: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1889:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Read speed L : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1896:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Write speed H: ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1898:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Read speed H : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1965:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is_current[64], profile_name[90], *respt;
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1977:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(profile_name, "unknown");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1995:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is_current[64];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *respt, profile_name[80];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2009:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Device type : ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2051:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Driver flags : BURNFREE\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2052:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt+strlen(respt), "Supported modes: SAO TAO\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2055:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Not a CD/DVD/BD recorder");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2066:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(profile_name, "-unidentified-");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2076:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Current: none\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2078:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No recognizable medium found in drive");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2094:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "xorriso: message for sdvdbackup: \"(growisofs mode Restricted Overwrite)\"\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2098:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "ATIP info from disk:\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2101:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, " Is erasable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2103:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, " Is not erasable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2109:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, " ATIP start of lead in: %d (%-2.2d:%-2.2d/%-2.2d)\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2113:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, " ATIP start of lead out: %d (%-2.2d:%-2.2d/%-2.2d)\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2122:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2179:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80], int flag)
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2250:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain address of most recent session");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2259:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain next writeable address on media");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2309:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
off_t end_lba, char md5[16], int flag)
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16], md5_text[33];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2376:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2382:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Checking loaded session by its recorded MD5.\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2385:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(md5_text + 2 * i, "%2.2x", ((unsigned char *) md5)[i]);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2385:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sprintf(md5_text + 2 * i, "%2.2x", ((unsigned char *) md5)[i]);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16], tag_md5[16], *tag_type_name= "", *comparison, *sev_text;
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2544:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, " Expected: %u Found: %u",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2663:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2755:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16];
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2846:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2878:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-check_media: Reached item_limit=%d",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2886:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-check_media: Reached time_limit=%d",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3030:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot write %d bytes to lba %d of ",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3071:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Xorriso_check_interval: %.1f s / %d = %f",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3087:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Missing announced MD5 tag: start=%d pos=%d",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3104:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3238:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "-check_media: Track %d of session %d begins after end of readable medium area.",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3247:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "-check_media: Last CD track exceeds readable area by 2 blocks. Assuming TAO.");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3250:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "-check_media: Track %d of session %d extends over the end of readable medium area.",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3351:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No content detected on media");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3445:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:3469:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/drive_mgt.h:24:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
off_t end_lba, char md5[16], int flag);
data/libisoburn-1.5.2/xorriso/emulators.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_report_about_text[80], *report_about= "SORRY", blank_mode[80];
data/libisoburn-1.5.2/xorriso/emulators.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char speed[80], *argpt;
data/libisoburn-1.5.2/xorriso/emulators.c:237:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(blank_mode, "all");
data/libisoburn-1.5.2/xorriso/emulators.c:239:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(blank_mode, "fast");
data/libisoburn-1.5.2/xorriso/emulators.c:241:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(blank_mode, "help");
data/libisoburn-1.5.2/xorriso/emulators.c:248:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(blank_mode, "format_overwrite");
data/libisoburn-1.5.2/xorriso/emulators.c:250:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(blank_mode, "as_needed");
data/libisoburn-1.5.2/xorriso/emulators.c:254:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " not supported. See blank=help .");
data/libisoburn-1.5.2/xorriso/emulators.c:423:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "First and only track source is ");
data/libisoburn-1.5.2/xorriso/emulators.c:436:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Cdrecord 2.01-Emulation Copyright (C) 2019 see libburnia-project.org xorriso\n");
data/libisoburn-1.5.2/xorriso/emulators.c:474:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:481:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:484:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Waiting for data on stdin...\n");
data/libisoburn-1.5.2/xorriso/emulators.c:492:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "xorriso: Option -waiti pausing is done.\n");
data/libisoburn-1.5.2/xorriso/emulators.c:513:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d,%d\n", msc1, msc2);
data/libisoburn-1.5.2/xorriso/emulators.c:955:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ra_text[80];
data/libisoburn-1.5.2/xorriso/emulators.c:986:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[1];
data/libisoburn-1.5.2/xorriso/emulators.c:1061:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[1];
data/libisoburn-1.5.2/xorriso/emulators.c:1083:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_genisofs_fused_options(struct XorrisO *xorriso, char *whom,
data/libisoburn-1.5.2/xorriso/emulators.c:1084:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *opts,
data/libisoburn-1.5.2/xorriso/emulators.c:1086:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ra_text[80], int flag)
data/libisoburn-1.5.2/xorriso/emulators.c:1154:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ra_text, "UPDATE");
data/libisoburn-1.5.2/xorriso/emulators.c:1200:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pathspec, "/=");
data/libisoburn-1.5.2/xorriso/emulators.c:1264:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "iso_9660_level=%d", *iso_level);
data/libisoburn-1.5.2/xorriso/emulators.c:1290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char re_id[64];
data/libisoburn-1.5.2/xorriso/emulators.c:1306:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(re_id, "%u", u);
data/libisoburn-1.5.2/xorriso/emulators.c:1318:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:1344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *boot_path, partno_text[24], *iso_rr_pt, *disk_pt, *rpt, *wpt;
data/libisoburn-1.5.2/xorriso/emulators.c:1345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rm_merge_args[3], *rr_reloc_dir_pt= NULL;
data/libisoburn-1.5.2/xorriso/emulators.c:1346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sort_weight_args[4], *bless_args[6], *sa_path;
data/libisoburn-1.5.2/xorriso/emulators.c:1381:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Revoked stderr message redirection");
data/libisoburn-1.5.2/xorriso/emulators.c:1412:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/emulators.c:1429:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(adr, "stdio:");
data/libisoburn-1.5.2/xorriso/emulators.c:1438:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(indev, "stdio:");
data/libisoburn-1.5.2/xorriso/emulators.c:1456:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ra_text, "SORRY");
data/libisoburn-1.5.2/xorriso/emulators.c:1802:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pathspec, "hfsplus_serial=%.80s", argv[i]);
data/libisoburn-1.5.2/xorriso/emulators.c:1814:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "hfsplus_block_size=%d", ret);
data/libisoburn-1.5.2/xorriso/emulators.c:1816:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "apm_block_size=%d", ret);
data/libisoburn-1.5.2/xorriso/emulators.c:2164:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pathspec, "sparc_label=");
data/libisoburn-1.5.2/xorriso/emulators.c:2183:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partno_text, "%d", partition_number);
data/libisoburn-1.5.2/xorriso/emulators.c:2196:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(partno_text, "%d", partition_number);
data/libisoburn-1.5.2/xorriso/emulators.c:2401:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *lower_r_args[3]= {"/", "-exec", "mkisofs_r"};
data/libisoburn-1.5.2/xorriso/emulators.c:2408:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *dir_mode_args[6]= {"/", "-type", "d", "-exec", "chmod", ""};
data/libisoburn-1.5.2/xorriso/emulators.c:2410:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "0%o", (unsigned int) dir_mode);
data/libisoburn-1.5.2/xorriso/emulators.c:2417:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *file_mode_args[6]= {"/", "-type", "f", "-exec", "chmod", ""};
data/libisoburn-1.5.2/xorriso/emulators.c:2419:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "0%o", (unsigned int) file_mode);
data/libisoburn-1.5.2/xorriso/emulators.c:2651:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sfe, "mipsel_path=");
data/libisoburn-1.5.2/xorriso/emulators.c:2653:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sfe, "mips_path=");
data/libisoburn-1.5.2/xorriso/emulators.c:2688:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *bless_arg_data[6]= {
data/libisoburn-1.5.2/xorriso/emulators.c:2699:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/emulators.c:2730:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->boot_image_cat_path, "/boot.catalog");
data/libisoburn-1.5.2/xorriso/filters.c:219:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-set_filter: Cannot remove suffix from ");
data/libisoburn-1.5.2/xorriso/filters.c:234:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-set_filter: Cannot append suffix to ");
data/libisoburn-1.5.2/xorriso/filters.c:236:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, ". Left unfiltered.");
data/libisoburn-1.5.2/xorriso/filters.c:289:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-set_filter: Not a regular data file node ");
data/libisoburn-1.5.2/xorriso/filters.c:324:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-set_filter: Not a registered filter name ");
data/libisoburn-1.5.2/xorriso/filters.c:402:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:457:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:468:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:471:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:504:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:520:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:534:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:541:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:570:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:582:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/filters.c:615:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "-external_filter ");
data/libisoburn-1.5.2/xorriso/filters.c:621:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "suffix=");
data/libisoburn-1.5.2/xorriso/filters.c:628:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "remove_suffix:");
data/libisoburn-1.5.2/xorriso/filters.c:630:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "if_nonempty:");
data/libisoburn-1.5.2/xorriso/filters.c:632:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "if_reduction:");
data/libisoburn-1.5.2/xorriso/filters.c:634:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "if_block_reduction:");
data/libisoburn-1.5.2/xorriso/filters.c:635:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "used=%.f ", (double) extf->cmd->refcount);
data/libisoburn-1.5.2/xorriso/filters.c:649:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, " --\n");
data/libisoburn-1.5.2/xorriso/filters.c:653:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "-close_filter_list\n");
data/libisoburn-1.5.2/xorriso/filters.c:711:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/findjob.c:485:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:548:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:555:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:583:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:607:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:651:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:663:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg, "-then-operator found outside its proper range.");
data/libisoburn-1.5.2/xorriso/findjob.c:682:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:695:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg, "-else-operator found outside its proper range.");
data/libisoburn-1.5.2/xorriso/findjob.c:714:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:727:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:750:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg,
data/libisoburn-1.5.2/xorriso/findjob.c:762:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(job->errmsg, "-endif-mark found outside its proper range.");
data/libisoburn-1.5.2/xorriso/findjob.h:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin[8];
data/libisoburn-1.5.2/xorriso/findjob.h:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[4096];
data/libisoburn-1.5.2/xorriso/iso_img.c:108:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Failed to create new empty ISO image object");
data/libisoburn-1.5.2/xorriso/iso_img.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33];
data/libisoburn-1.5.2/xorriso/iso_img.c:175:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:185:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:188:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " <> ");
data/libisoburn-1.5.2/xorriso/iso_img.c:203:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[68];
data/libisoburn-1.5.2/xorriso/iso_img.c:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16];
data/libisoburn-1.5.2/xorriso/iso_img.c:249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *msg, hr[17];
data/libisoburn-1.5.2/xorriso/iso_img.c:259:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "%2.2s. Time Zone: %c%-2.2d:%-2.2d\n", head,
data/libisoburn-1.5.2/xorriso/iso_img.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *msg, block_head[8], *crt, *mdt, *ext, *eft;
data/libisoburn-1.5.2/xorriso/iso_img.c:298:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "PVD address : %ds\n", i);
data/libisoburn-1.5.2/xorriso/iso_img.c:357:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_volid(struct XorrisO *xorriso, char volid[33], int flag)
data/libisoburn-1.5.2/xorriso/iso_img.c:411:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bspec, "dir=/");
data/libisoburn-1.5.2/xorriso/iso_img.c:414:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bspec, "dir=/isolinux");
data/libisoburn-1.5.2/xorriso/iso_img.c:419:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bspec, "dir=/boot/isolinux");
data/libisoburn-1.5.2/xorriso/iso_img.c:438:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any efi_path=");
data/libisoburn-1.5.2/xorriso/iso_img.c:495:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%-2.2X", (unsigned int) selection_crit[i]);
data/libisoburn-1.5.2/xorriso/iso_img.c:507:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%-2.2X", (unsigned int) id_string[i]);
data/libisoburn-1.5.2/xorriso/iso_img.c:524:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image isolinux partition_entry=apm_hfsplus\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:529:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image isolinux partition_entry=off\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *paths[15], *line;
data/libisoburn-1.5.2/xorriso/iso_img.c:566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[4];
data/libisoburn-1.5.2/xorriso/iso_img.c:573:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any sparc_label=");
data/libisoburn-1.5.2/xorriso/iso_img.c:577:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image grub grub2_sparc_core=");
data/libisoburn-1.5.2/xorriso/iso_img.c:605:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num, "%d", sa_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:612:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any alpha_boot=");
data/libisoburn-1.5.2/xorriso/iso_img.c:640:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "-append_partition %d ", i + 1);
data/libisoburn-1.5.2/xorriso/iso_img.c:647:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line + l, "0x%2.2x ",
data/libisoburn-1.5.2/xorriso/iso_img.c:675:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char id_string[29], sel_crit[21];
data/libisoburn-1.5.2/xorriso/iso_img.c:821:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line),
data/libisoburn-1.5.2/xorriso/iso_img.c:824:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), " , boot_info_table=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:826:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), " , grub2_boot_info=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:854:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot record : (overridden by -boot_image any next)\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:869:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot record : none\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:905:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot record : El Torito");
data/libisoburn-1.5.2/xorriso/iso_img.c:915:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot catalog : ");
data/libisoburn-1.5.2/xorriso/iso_img.c:919:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot catalog : -not-found-at-load-time-\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:924:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot image : ");
data/libisoburn-1.5.2/xorriso/iso_img.c:927:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot image : -not-found-at-load-time-");
data/libisoburn-1.5.2/xorriso/iso_img.c:929:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot image : -not-found-any-more-by-lba=%d",
data/libisoburn-1.5.2/xorriso/iso_img.c:940:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot image : ");
data/libisoburn-1.5.2/xorriso/iso_img.c:943:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(respt, "Boot image : -not-found-any-more-");
data/libisoburn-1.5.2/xorriso/iso_img.c:974:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"No ISO image present.");
data/libisoburn-1.5.2/xorriso/iso_img.c:976:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/iso_img.c:1032:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33], *devadr, *mount_command= NULL, *adr_data= NULL, *adr_pt;
data/libisoburn-1.5.2/xorriso/iso_img.c:1085:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot determine properties of file ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1095:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:1171:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Volume id : ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1191:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:1197:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "\nMounted session %d of device ", session);
data/libisoburn-1.5.2/xorriso/iso_img.c:1204:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text), " as directory ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *paths[15];
data/libisoburn-1.5.2/xorriso/iso_img.c:1273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *par[5];
data/libisoburn-1.5.2/xorriso/iso_img.c:1303:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Unsupported HP-PA PALO header version ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1310:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:1361:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *type_names[7] = {
data/libisoburn-1.5.2/xorriso/iso_img.c:1382:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " for ISOLINUX isohybrid");
data/libisoburn-1.5.2/xorriso/iso_img.c:1384:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " for GRUB2 patching");
data/libisoburn-1.5.2/xorriso/iso_img.c:1386:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " with partition table");
data/libisoburn-1.5.2/xorriso/iso_img.c:1388:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " for partition table");
data/libisoburn-1.5.2/xorriso/iso_img.c:1399:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Revokable by -boot_image any discard");
data/libisoburn-1.5.2/xorriso/iso_img.c:1401:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Revokable by -boot_image any mips_discard");
data/libisoburn-1.5.2/xorriso/iso_img.c:1403:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Revokable by -boot_image any sparc_discard");
data/libisoburn-1.5.2/xorriso/iso_img.c:1424:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:1431:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "0x%8.8x\n", (unsigned int) crc);
data/libisoburn-1.5.2/xorriso/iso_img.c:1525:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "zero_mbrpt,");
data/libisoburn-1.5.2/xorriso/iso_img.c:1527:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "zero_gpt,");
data/libisoburn-1.5.2/xorriso/iso_img.c:1529:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "zero_apm,");
data/libisoburn-1.5.2/xorriso/iso_img.c:1546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pltf[8], b[8], emul[8], boot_image_type[16];
data/libisoburn-1.5.2/xorriso/iso_img.c:1670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[24], *textpt, *contentpt, *buf= NULL, part_type_text[37];
data/libisoburn-1.5.2/xorriso/iso_img.c:1680:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *volid, *crt, *mdt, *ext, *eft, uuid[17], *uuid_time;
data/libisoburn-1.5.2/xorriso/iso_img.c:1818:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-V ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1820:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-volid ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1851:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--modification-date=");
data/libisoburn-1.5.2/xorriso/iso_img.c:1853:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-volume_date uuid ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1890:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(et_imgs[idx].boot_image_type, "any");
data/libisoburn-1.5.2/xorriso/iso_img.c:1906:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(et_imgs[idx].boot_image_type, "isolinux");
data/libisoburn-1.5.2/xorriso/iso_img.c:1908:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(et_imgs[idx].boot_image_type, "grub");
data/libisoburn-1.5.2/xorriso/iso_img.c:2026:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-chrp-boot-part ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2028:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any chrp_boot_part=on ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2035:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-isohybrid-mbr ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2037:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image isolinux system_area=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2045:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--grub2-mbr ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2047:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image grub grub2_mbr=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2055:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--protective-msdos-label");
data/libisoburn-1.5.2/xorriso/iso_img.c:2057:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_table=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2062:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_cyl_align off");
data/libisoburn-1.5.2/xorriso/iso_img.c:2064:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_cyl_align=off");
data/libisoburn-1.5.2/xorriso/iso_img.c:2067:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_cyl_align all");
data/libisoburn-1.5.2/xorriso/iso_img.c:2069:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_cyl_align=all");
data/libisoburn-1.5.2/xorriso/iso_img.c:2072:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_cyl_align on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2074:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_cyl_align=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2081:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_offset %.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2083:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_offset=%.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2088:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_hd_cyl %.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2090:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_hd_cyl=%.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2095:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-partition_sec_hd %.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2097:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any partition_sec_hd=%.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2107:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-append_partition %lu 0x%lx ", partno, part_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:2121:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-prep-boot-part ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2123:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any prep_boot_part=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2136:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--mbr-force-bootable");
data/libisoburn-1.5.2/xorriso/iso_img.c:2138:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any mbr_force_bootable=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2143:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2157:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2169:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2199:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2216:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2231:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(part_type_text, "0x%lx", part_type);
data/libisoburn-1.5.2/xorriso/iso_img.c:2260:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-part_like_isohybrid");
data/libisoburn-1.5.2/xorriso/iso_img.c:2262:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any part_like_isohybrid=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2277:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-efi-boot-part ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2279:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any efi_boot_part=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2289:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-apm-block-size %.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2291:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any apm_block_size=%.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2322:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hfsplus");
data/libisoburn-1.5.2/xorriso/iso_img.c:2324:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hfsplus on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2349:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-mips-boot ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2351:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any mips_path=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2356:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-mipsel-boot ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2358:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any mipsel_path=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2363:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-sparc-label ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2365:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any sparc_label=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2370:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-B ,");
data/libisoburn-1.5.2/xorriso/iso_img.c:2372:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--grub2-sparc-core ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2374:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image grub grub2_sparc_core=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2391:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-hdrversion %.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2393:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_hdrversion=%.f", num[0]);
data/libisoburn-1.5.2/xorriso/iso_img.c:2397:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-cmdline ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2399:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_cmdline=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2404:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-kernel-32 ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2406:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_kernel_32=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2411:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-kernel-64 ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2413:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_kernel_64=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2418:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-ramdisk ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2420:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_ramdisk=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2425:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hppa-bootloader ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2427:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any hppa_bootloader=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2432:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2439:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-alpha-boot ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2441:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any alpha_boot=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2452:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-appended_part_as_gpt");
data/libisoburn-1.5.2/xorriso/iso_img.c:2454:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any appended_part_as=gpt");
data/libisoburn-1.5.2/xorriso/iso_img.c:2461:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-G ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2466:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-B ...");
data/libisoburn-1.5.2/xorriso/iso_img.c:2469:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any system_area=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2475:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-append_partition %d 0x00 .", i);
data/libisoburn-1.5.2/xorriso/iso_img.c:2481:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2489:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-G ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2491:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any system_area=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2499:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-iso_mbr_part_type 0x%2.2x",
data/libisoburn-1.5.2/xorriso/iso_img.c:2502:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any iso_mbr_part_type=0x%2.2x",
data/libisoburn-1.5.2/xorriso/iso_img.c:2508:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-iso_mbr_part_type ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2510:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any iso_mbr_part_type=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2523:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-efi-boot-part --efi-boot-image");
data/libisoburn-1.5.2/xorriso/iso_img.c:2525:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any efi_boot_part=--efi-boot-image");
data/libisoburn-1.5.2/xorriso/iso_img.c:2530:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-c ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2532:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any cat_path=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2536:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--boot-catalog-hide");
data/libisoburn-1.5.2/xorriso/iso_img.c:2538:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any cat_hidden=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2544:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2553:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-eltorito-alt-boot");
data/libisoburn-1.5.2/xorriso/iso_img.c:2555:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any next");
data/libisoburn-1.5.2/xorriso/iso_img.c:2573:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-append_partition %lu 0x%lx ", (unsigned long) i + 1,
data/libisoburn-1.5.2/xorriso/iso_img.c:2589:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(app_pseudo_paths[idx],
data/libisoburn-1.5.2/xorriso/iso_img.c:2605:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(app_pseudo_paths[idx],
data/libisoburn-1.5.2/xorriso/iso_img.c:2615:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2627:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-eltorito-platform 0x%2.2x", et_imgs[idx].platform_id);
data/libisoburn-1.5.2/xorriso/iso_img.c:2631:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-b ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2637:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-e ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2644:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any platform_id=0x%2.2x",
data/libisoburn-1.5.2/xorriso/iso_img.c:2650:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-no-emul-boot");
data/libisoburn-1.5.2/xorriso/iso_img.c:2652:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any emul_type=no_emulation");
data/libisoburn-1.5.2/xorriso/iso_img.c:2655:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-hard-disk-boot");
data/libisoburn-1.5.2/xorriso/iso_img.c:2657:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any emul_type=hard_disk");
data/libisoburn-1.5.2/xorriso/iso_img.c:2662:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any emul_type=diskette");
data/libisoburn-1.5.2/xorriso/iso_img.c:2668:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot-load-size %d", et_imgs[idx].ldsiz);
data/libisoburn-1.5.2/xorriso/iso_img.c:2670:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any load_size=%d", et_imgs[idx].ldsiz * 512);
data/libisoburn-1.5.2/xorriso/iso_img.c:2675:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot-info-table");
data/libisoburn-1.5.2/xorriso/iso_img.c:2677:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any boot_info_table=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2682:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "--grub2-boot-info");
data/libisoburn-1.5.2/xorriso/iso_img.c:2684:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image grub grub2_boot_info=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:2689:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-eltorito-id ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2691:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any id_string=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2697:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-eltorito-selcrit ");
data/libisoburn-1.5.2/xorriso/iso_img.c:2699:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image any sel_crit=");
data/libisoburn-1.5.2/xorriso/iso_img.c:2705:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-isohybrid-gpt-basdat");
data/libisoburn-1.5.2/xorriso/iso_img.c:2707:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image isolinux partition_entry=gpt_basdat");
data/libisoburn-1.5.2/xorriso/iso_img.c:2712:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-isohybrid-gpt-hfsplus");
data/libisoburn-1.5.2/xorriso/iso_img.c:2714:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image isolinux partition_entry=gpt_hfsplus");
data/libisoburn-1.5.2/xorriso/iso_img.c:2719:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-isohybrid-apm-hfsplus");
data/libisoburn-1.5.2/xorriso/iso_img.c:2721:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-boot_image isolinux partition_entry=apm_hfsplus");
data/libisoburn-1.5.2/xorriso/iso_img.c:2728:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_img.c:2737:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-no-pad");
data/libisoburn-1.5.2/xorriso/iso_img.c:2739:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "-padding 0");
data/libisoburn-1.5.2/xorriso/iso_img.c:2856:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/iso_img.c:2860:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "With -report_el_torito \"plain\":\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:2862:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "With -report_system_area \"plain\":\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:2864:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/iso_img.c:2943:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "No El Torito information was loaded");
data/libisoburn-1.5.2/xorriso/iso_img.c:2945:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "No System Area was loaded");
data/libisoburn-1.5.2/xorriso/iso_img.c:2951:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "No El Torito information available");
data/libisoburn-1.5.2/xorriso/iso_img.c:2953:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "System Area only contains 0-bytes");
data/libisoburn-1.5.2/xorriso/iso_img.c:2970:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:156:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Split into %d parts: ", total_parts);
data/libisoburn-1.5.2/xorriso/iso_manip.c:199:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "File name had to be truncated and MD5 marked: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:201:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " -> ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:210:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:230:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:323:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "User revoked adding of: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:415:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Failed to create source filesystem iterator");
data/libisoburn-1.5.2/xorriso/iso_manip.c:450:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Failed to obtain next directory entry");
data/libisoburn-1.5.2/xorriso/iso_manip.c:694:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Copied properties for ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:696:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text), " from ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:853:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:857:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " (disk: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:876:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:899:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:914:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Source ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:916:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " is not a directory. Target ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:918:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " would be.");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1048:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Grafting failed: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1050:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " = ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1106:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "User revoked adding of: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1196:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Grafting failed: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1198:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " = ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1250:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-cut_out: Cannot determine type of ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1261:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1271:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1319:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-mkdir: Address already existing ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1332:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Created directory in ISO image: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1407:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "May not delete root directory");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1523:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1526:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1654:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1678:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "May not rename root directory");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1682:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Ignored attempt to rename ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1684:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to itself");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1689:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "May not rename ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1691:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to its own sub address ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1732:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1741:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1774:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1794:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Failed to clone ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1835:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:1889:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Cloned in ISO image: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1891:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1945:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cloning: Copy address already exists: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1991:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Permissions now: %-5.5o ",
data/libisoburn-1.5.2/xorriso/iso_manip.c:2109:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Error with setting ACL of ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2163:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:2203:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Error with setting xattr of ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[66], *bufpt, *wpt, *di= NULL;
data/libisoburn-1.5.2/xorriso/iso_manip.c:2287:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
hino= (hino << 8) | ((unsigned char *) di)[i];
data/libisoburn-1.5.2/xorriso/iso_manip.c:2465:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "(file name conversion error)");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2470:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "--\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2510:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot create IsoDirIter object");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80], limit_text[80];
data/libisoburn-1.5.2/xorriso/iso_manip.c:2566:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:2642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *target, *text_2, *iso_prefix, md5[16], *basename, bless_code[17];
data/libisoburn-1.5.2/xorriso/iso_manip.c:2643:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crtp[10];
data/libisoburn-1.5.2/xorriso/iso_manip.c:2781:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Deleted ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2841:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%-16.16s ", bless_code);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2898:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "-find ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2926:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "-find ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:3029:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ft, *decision, md5[16], bless_code[17];
data/libisoburn-1.5.2/xorriso/iso_manip.c:3590:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&array_job, hindmost, sizeof(struct FindjoB));
data/libisoburn-1.5.2/xorriso/iso_manip.c:3594:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&array_job, job, sizeof(struct FindjoB));
data/libisoburn-1.5.2/xorriso/iso_manip.c:3781:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:3787:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:3981:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *msg, buf[10], *bufpt;
data/libisoburn-1.5.2/xorriso/iso_manip.c:4011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10], *bufpt;
data/libisoburn-1.5.2/xorriso/iso_manip.c:4022:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hfs_data->creator_code, creator, 4);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4023:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hfs_data->type_code, hfs_type, 4);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4031:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4042:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 2, creator, 4);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4043:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 6, hfs_type, 4);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4080:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4083:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4099:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4102:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4176:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Unknown blessing type ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4219:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4222:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4226:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, ": ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4253:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *bless_idx, char bless_code[17], int flag)
data/libisoburn-1.5.2/xorriso/iso_manip.c:4274:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "ppc_bootdir");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4276:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "intel_bootfile");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4278:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "show_folder");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4280:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "os9_folder");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4282:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "osx_folder");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4284:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bless_code, "unknown_blessing");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sort_weight_args[4];
data/libisoburn-1.5.2/xorriso/iso_manip.c:4329:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4468:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Truncated name of current limit found: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4505:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_manip.c:4508:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " -> ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4518:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trunc + length - 33 - 9, ":%-8.8X", mangleno);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4545:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Truncated: ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:4547:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " -> ");
data/libisoburn-1.5.2/xorriso/iso_manip.h:74:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *bless_idx, char bless_code[17], int flag);
data/libisoburn-1.5.2/xorriso/iso_tree.c:128:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:165:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/iso_tree.c:400:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/iso_tree.c:433:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
npt= (char *) iso_node_get_name(components[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:460:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/iso_tree.c:618:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(total_stbuf, &first_stbuf, sizeof(struct stat));
data/libisoburn-1.5.2/xorriso/iso_tree.c:690:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Error with obtaining ACL of ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:705:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "No ACL associated with ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:719:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "# owner: %.f\n", (double) uid);
data/libisoburn-1.5.2/xorriso/iso_tree.c:726:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "# group: %.f\n", (double) gid);
data/libisoburn-1.5.2/xorriso/iso_tree.c:864:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "# oversized: name %d , value %d bytes\n",
data/libisoburn-1.5.2/xorriso/iso_tree.c:938:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "\"$(echo -e '");
data/libisoburn-1.5.2/xorriso/iso_tree.c:947:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *) wpt, "\\0%-3.3o", *upt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:955:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wpt, "')\"");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1012:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "n=");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1023:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uval= (unsigned char *) values[i];
data/libisoburn-1.5.2/xorriso/iso_tree.c:1026:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,
data/libisoburn-1.5.2/xorriso/iso_tree.c:1052:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "echo 'OMITTED: Value contains 0-bytes : space \"'\"");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1057:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "\"'\" , name \"'\"");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1062:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "\"'\" in file '\"");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1067:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "\" >&2\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1074:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "# ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1077:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "$c ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1091:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, " \"$n\"\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1211:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Error with reading xattr of disk file ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1283:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*value, values[i], value_lengths[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[5];
data/libisoburn-1.5.2/xorriso/iso_tree.c:1307:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "image");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1309:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "disk");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1311:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "--zisofs");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1313:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "--zisofs-decode");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1315:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "--gzip");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1317:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(type_text, "--gunzip");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1332:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_md5(struct XorrisO *xorriso, void *in_node, char *path,
data/libisoburn-1.5.2/xorriso/iso_tree.c:1333:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16], int flag)
data/libisoburn-1.5.2/xorriso/iso_tree.c:1360:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wpt, "%2.2x", ((unsigned char *) md5)[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1360:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sprintf(wpt, "%2.2x", ((unsigned char *) md5)[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1363:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(wpt, " ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1525:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%-7.f ",(double) (report_size));
data/libisoburn-1.5.2/xorriso/iso_tree.c:1527:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%7.f ",(double) (report_size));
data/libisoburn-1.5.2/xorriso/iso_tree.c:1749:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Not found in ISO image: ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1758:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Valid ISO nodes found: %d\n", filec-was_error);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1781:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, ":\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1792:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "total %d\n", dfilec);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1830:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt, "%-7.f ",(double) (size/1024));
data/libisoburn-1.5.2/xorriso/iso_tree.c:1832:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt, "%7.f ",(double) (size/1024));
data/libisoburn-1.5.2/xorriso/iso_tree.c:1837:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, " -> ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1936:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Valid ISO nodes found: %d\n", filec);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1982:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, " -> ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2106:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:2130:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "While expanding pattern ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2132:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:2138:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/iso_tree.c:2282:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/iso_tree.c:2340:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/iso_tree.c:2344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_text[80], *source_path = NULL;
data/libisoburn-1.5.2/xorriso/iso_tree.c:2395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_text[16], *source_path= NULL;
data/libisoburn-1.5.2/xorriso/iso_tree.c:2416:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, " < ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2421:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_tree.c:2441:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, " < ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2446:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line + strlen(xorriso->result_line), "[%u,%lu,%lu]",
data/libisoburn-1.5.2/xorriso/iso_tree.c:2543:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/iso_tree.c:2576:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "File damaged : %8.f , %8.f , %8.f , ",
data/libisoburn-1.5.2/xorriso/iso_tree.c:2580:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "File seems ok: %8.f , %8.f , %8.f , ",
data/libisoburn-1.5.2/xorriso/iso_tree.c:2666:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot find path ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2668:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " in loaded ISO image");
data/libisoburn-1.5.2/xorriso/iso_tree.h:50:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/iso_tree.h:53:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/iso_tree.h:94:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:101:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:109:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "burn_set_signal_handling(%d)", mode);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *queue_sev, *print_sev, reason[1024];
data/libisoburn-1.5.2/xorriso/lib_mgt.c:170:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot initialize libraries");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:182:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:235:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Using ");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:321:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:329:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:337:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:341:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "libburn OS adapter: ");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:346:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char severity[20];
data/libisoburn-1.5.2/xorriso/lib_mgt.c:451:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sfe, ": ");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:488:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:497:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Local character set is now assumed as: ");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char severity[80], *text= NULL;
data/libisoburn-1.5.2/xorriso/lib_mgt.c:550:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "%1.4095s", msg);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:552:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(severity, "NOTE");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:580:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(severity, "MISHAP");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:582:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(severity, "ERRFILE");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:598:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text," (%d library messages repeated by xorriso)\n", count);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:653:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_md5_end(struct XorrisO *xorriso, void **ctx, char md5[16],
data/libisoburn-1.5.2/xorriso/lib_mgt.c:668:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_preparer_string(struct XorrisO *xorriso, char xorriso_id[129],
data/libisoburn-1.5.2/xorriso/lib_mgt.c:674:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso_id, "XORRISO-%d.%d.%d ",
data/libisoburn-1.5.2/xorriso/lib_mgt.c:683:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:687:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:691:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:706:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:855:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "%1.4095s", msg);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:867:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:895:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/lib_mgt.c:898:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Local ACL : -acl\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:900:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Local xattr : -xattr\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:902:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Jigdo files : -jigdo\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:904:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "zisofs : -zisofs\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:906:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Ext. filters : -external_filter\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:908:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "DVD obs 64 kB: -dvd_obs\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:910:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Readline : -use_readline\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:914:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog[4096];
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:43:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_substitute(struct Mx1 *m, char line_in[256], char line_out[256],
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:43:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_substitute(struct Mx1 *m, char line_in[256], char line_out[256],
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:66:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1__get_word(char *line, char word[256], char **remainder, int flag)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:66:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1__get_word(char *line, char word[256], char **remainder, int flag)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rpt, *wpt, *ept, content[256], msg[256];
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:206:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_substitute(struct Mx1 *m, char line_in[256], char line_out[256],
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:206:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_substitute(struct Mx1 *m, char line_in[256], char line_out[256],
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:303:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_convert(struct Mx1 *m, char line_in[256], char line_out[256], int flag)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:303:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Mx1_convert(struct Mx1 *m, char line_in[256], char line_out[256], int flag)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[256], buf[256], *remainder, *wpt;
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:329:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line_out, ".br");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:379:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "\\fB");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:399:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "\\fR");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:464:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_in[256], line_out[256], *got;
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:465:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name_in[1024]= {"xorriso/xorriso.texi"};
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:466:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name_out[1024]= {"xorriso/xorriso.1"};
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:488:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_in, "xorriso/xorrisofs.texi");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:489:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_out, "xorriso/xorrisofs.1");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:491:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_in, "xorriso/xorrecord.texi");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:492:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_out, "xorriso/xorrecord.1");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:494:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_in, "xorriso/xorriso-tcltk.texi");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:495:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_out, "xorriso/xorriso-tcltk.1");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:503:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_in= fopen(name_in, "r");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:509:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_out= fopen(name_out, "w");
data/libisoburn-1.5.2/xorriso/match.c:56:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Search pattern too long");
data/libisoburn-1.5.2/xorriso/match.c:375:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:410:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:475:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot obtain disk directory iterator");
data/libisoburn-1.5.2/xorriso/match.c:487:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Failed to obtain next directory entry");
data/libisoburn-1.5.2/xorriso/match.c:581:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:584:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No pattern match with any file object");
data/libisoburn-1.5.2/xorriso/match.c:586:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text), ": ");
data/libisoburn-1.5.2/xorriso/match.c:598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80];
data/libisoburn-1.5.2/xorriso/match.c:612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80], limit_text[80];
data/libisoburn-1.5.2/xorriso/match.c:675:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Address set by -cdx is not a directory: ");
data/libisoburn-1.5.2/xorriso/match.c:780:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/match.c:788:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Pattern seen: ");
data/libisoburn-1.5.2/xorriso/misc_funct.c:218:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) erg)[i]= ((char *) now)[i];
data/libisoburn-1.5.2/xorriso/misc_funct.c:218:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) erg)[i]= ((char *) now)[i];
data/libisoburn-1.5.2/xorriso/misc_funct.c:504:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&norm_tm, erg, sizeof(struct tm));
data/libisoburn-1.5.2/xorriso/misc_funct.c:515:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/libisoburn-1.5.2/xorriso/misc_funct.c:682:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag)
data/libisoburn-1.5.2/xorriso/misc_funct.c:682:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag)
data/libisoburn-1.5.2/xorriso/misc_funct.c:686:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char months[12][4]= { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
data/libisoburn-1.5.2/xorriso/misc_funct.c:688:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char days[7][4]= {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
data/libisoburn-1.5.2/xorriso/misc_funct.c:696:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%12.f", (double) t);
data/libisoburn-1.5.2/xorriso/misc_funct.c:698:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%4.4d.%2.2d.%2.2d.%2.2d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:711:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%c", 'A' + (tms.tm_year - 100) / 10);
data/libisoburn-1.5.2/xorriso/misc_funct.c:713:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%c", '0' + tms.tm_year / 10);
data/libisoburn-1.5.2/xorriso/misc_funct.c:714:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rpt+strlen(rpt), "%1.1d%2.2d%2.2d.%2.2d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:1282:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(acc, "off:");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1284:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(acc, "on:");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1287:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(acc, "iso_rr:");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1289:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(acc, "joliet:");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1291:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(acc, "hfsplus:");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1349:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1352:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1355:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1358:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1361:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1365:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text + i * 2, "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.h:36:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag);
data/libisoburn-1.5.2/xorriso/misc_funct.h:36:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Ftimetxt(time_t t, char timetext[40], int flag);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char severity[20], *official;
data/libisoburn-1.5.2/xorriso/opts_a_c.c:48:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-abort_on: Not a known severity name : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:170:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:352:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xorriso->appended_part_type_guids[partno - 1], guid, 16);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:383:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:452:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:461:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-assert_volid: Cannot use given pattern.");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:477:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-assert_volid: Not a known severity name : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:546:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:718:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:769:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:771:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Status of loaded boot image :\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:773:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:776:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:778:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Boot image settings for next commit:\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:780:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:783:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:809:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->boot_image_bin_path, "/isolinux/");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:814:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->boot_image_bin_path, "/boot/isolinux/");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:820:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:826:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->boot_image_bin_path, "isolinux.bin");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:827:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->boot_image_cat_path, "boot.cat");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:852:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:874:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->boot_image_bin_form, "any");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1239:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xorriso->hfsp_serial_number, sn, 8);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1310:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1321:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1324:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1408:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-cdi: iso_rr_path too long (%d > %d)",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1414:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"previous working directory:\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1438:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-cdi: not existing yet in ISO image : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1445:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-cdi: not a directory : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1472:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-cdx: disk_path too long (%d > %d)",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1478:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"previous working directory on hard disk:\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1505:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-cdx: file not found : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1512:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-cdx: not a directory : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1540:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "-changes_pending ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1542:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, "no");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1544:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, "mkisofs_printed");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1546:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line, "yes");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1653:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1663:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-check_md5: Not a known severity name : ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1733:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1737:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1742:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Ok, session data match recorded md5.\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quality_name[80], *head_buffer= NULL;
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1785:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1791:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1799:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1842:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1847:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1895:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2133:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-close_damaged: unknown mode ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eternal_problem_status_text_mem[80];
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2171:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-commit: No image modifications pending");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2186:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(eternal_problem_status_text_mem, "WARNING");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ipth, *argv[6], *eff_origin= NULL, *eff_dest= NULL;
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2255:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-compare: Empty disk_path given");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2323:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2326:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Differences detected.\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2328:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Comparison failed due to error.\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2363:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2369:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2376:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2398:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-concat pipe: No program path given.");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2409:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-concat: No iso_rr_paths given.");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2467:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2503:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2518:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cloning: May not overwrite: ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2587:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2652:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2688:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-cpx: May not copy directory ");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2702:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:108:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Giving up -dev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:110:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Giving up -indev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:116:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Giving up -outdev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:141:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:153:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Gave up -dev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:158:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Gave up -indev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:163:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Gave up -outdev ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:285:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-drive_access: unknown mode '");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:357:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:420:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:487:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp= fopen(path, "a");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:489:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-errfile_log: Cannot open file ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:501:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-errfile_log: Unknown mode ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:600:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:612:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-extract: Empty disk_path given");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:728:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-file_size_limit: values sum up to %.f",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:747:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-file_size_limit now at %.f\n",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:750:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-file_size_limit now off\n");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:769:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find: Unknown output namespace identifier");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:782:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:838:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:849:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find[ix]: cannot set -name expression ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:862:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:873:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find[ix]: unknown -type '%c'",argv[i][0]);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:939:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-findi: -hidden : unknown hide state ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:945:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-findi: cannot setup -hidden test");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:959:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-findi: cannot setup -has_hfs_crtp test");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:968:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-findi: cannot setup -has_hfs_bless test");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:981:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-findi: cannot setup -bad_outname test");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1065:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1092:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1321:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find -exec hide: unknown hide state ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1378:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find -exec: unknown action ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1383:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-find[ix]: unknown option ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1395:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "cd ");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1414:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "c=\"setextattr\"\n\n");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1439:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,"Size lower : %lus\n",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1442:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,"Size upper : %lus\n",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1529:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-follow: oversized mode parameter (%d)",l);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1551:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-fs: wrong size %.f (allowed: %.f - %.f)",
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1665:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_d_h.c:2555:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-hide : unknown hide state ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:53:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-iso_nowtime: Set to =%.f", (double) t);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:115:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:152:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:158:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:166:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:175:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:256:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-lns: Address already existing: ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:289:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:320:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Wrong form. Correct would be: -logfile \".\"|\"R\"|\"I\"|\"M\" file_address");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:382:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:388:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:396:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:478:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:552:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-map: Empty disk_path given");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:759:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " does not begin with disk_prefix ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:887:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-md5: unknown mode ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:958:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-modesty_on_drive: percentage out of range [25 to 100]");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1005:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-modesty_on_drive: unknown mode ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1024:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entity_id[81], *mnt;
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1033:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1083:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-mount_opts: oversized parameter (%d)",l);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1179:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1182:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", pargc);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1186:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1193:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "0\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1197:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", available);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1205:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1208:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", pargc);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1225:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1281:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Effective path gets much too long (%d)",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1290:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Renamed in ISO image: ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1292:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pipe_paths[3], *cpt, *npt;
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1464:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Aborted reading of file ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1466:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1470:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Added %d exclusion list items from file ",
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1488:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1595:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot add path list: -hide_disk_paths ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1623:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Cannot add path list: -not_paths ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1665:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Empty file name given with -options_from_file");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1670:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"+ performing command lines from file ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1672:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " :\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1678:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Command file: ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1729:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1735:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Command file end: ");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1803:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1809:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:86:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-padding: unrecognized non-numerical mode ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:93:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-padding: wrong size %.f (allowed: %.f - %.f)",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:109:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:228:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Aborted reading of file ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:230:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:236:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Added %d items from file ", insertcount);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:336:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-print_size: No image modifications pending");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:339:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,"Image size : 0s\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:346:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"-print_size: Failed to set up virtual -commit");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:351:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,"%d\n", ret);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:363:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,"Image size : %ds\n", ret);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:374:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/libisoburn-1.5.2/xorriso/opts_p_z.c:435:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"current working directory in ISO image:\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:449:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"current working directory on hard disk:\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char severity[20], *official;
data/libisoburn-1.5.2/xorriso/opts_p_z.c:517:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-report_about: Not a known severity name : ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:559:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char severity[20], *official;
data/libisoburn-1.5.2/xorriso/opts_p_z.c:564:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:574:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:616:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot find path ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:618:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " in loaded ISO image for removal");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:747:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:753:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:768:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:847:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Empty file name given with -setfacl_list");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:881:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfacl_list: Oversized file path");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:889:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfacl_list: Oversized owner id");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:897:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfacl_list: Oversized group id");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:934:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wpt, line, l);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:945:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfacl_list: Unexpected end of file ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:956:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfacl_list ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:958:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:994:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Access-ACL :\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:997:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Default-ACL :\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1001:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Will delete Access-ACL and Default-ACL");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1123:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Empty file name given with -setfattr_list");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1149:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfattr_list: Oversized file path");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1180:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfattr_list: ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1182:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1197:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfattr_list: ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1199:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1221:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfattr_list: Unexpected end of file ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1233:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-setfattr_list ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1235:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1350:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1386:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1401:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Slept for %f seconds",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cpt, profile_name[80];
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1497:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-split_size: too large %.f (allowed: %.f)",
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1549:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1605:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot -tell_media_space");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1610:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1614:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Media space : %ds\n", media_space);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1616:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "After commit : %ds\n", free_space);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1630:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1654:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->result_line, "-------------: ---------------------------------------------------------------\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1697:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-toc_of: Unknown drive code ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1748:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ipth, *argv[6];
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1761:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-update: Empty disk_path given");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1782:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Updating ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1784:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1877:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Missing on disk and in ISO: disk_path ");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1906:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1910:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Differences detected and updated.");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1912:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1932:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1993:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1995:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line+strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2015:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2037:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2061:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-volid: Text too long (%d > 32)", i);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2066:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2071:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2076:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2130:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-volume_date uuid : Not an ECMA-119 time string. (16 decimal digits, range 1970... to 2999...)");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cpt, *npt, text[16];
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2258:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2280:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-zisofs: oversized mode parameter (%d)",l);
data/libisoburn-1.5.2/xorriso/parse_exec.c:180:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Pattern expansion yields %d items:", filec);
data/libisoburn-1.5.2/xorriso/parse_exec.c:215:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_problem_status(struct XorrisO *xorriso, char severity[80],
data/libisoburn-1.5.2/xorriso/parse_exec.c:264:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->problem_status_text, "ALL");
data/libisoburn-1.5.2/xorriso/parse_exec.c:349:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_cpmv_args(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/parse_exec.c:350:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int argc, char **argv, int *idx,
data/libisoburn-1.5.2/xorriso/parse_exec.c:351:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *optc, char ***optv, char eff_dest[SfileadrL],
data/libisoburn-1.5.2/xorriso/parse_exec.c:351:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *optc, char ***optv, char eff_dest[SfileadrL],
data/libisoburn-1.5.2/xorriso/parse_exec.c:415:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_decode_load_adr(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/parse_exec.c:416:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *adr_mode, char *adr_value,
data/libisoburn-1.5.2/xorriso/parse_exec.c:416:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *adr_mode, char *adr_value,
data/libisoburn-1.5.2/xorriso/parse_exec.c:417:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *entity_code, char entity_id[81],
data/libisoburn-1.5.2/xorriso/parse_exec.c:447:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(entity_id, "%.f", num);
data/libisoburn-1.5.2/xorriso/parse_exec.c:493:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Oversized argument #%d (length %d)\n",
data/libisoburn-1.5.2/xorriso/parse_exec.c:496:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Oversized option (length %d)\n",
data/libisoburn-1.5.2/xorriso/parse_exec.c:906:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/parse_exec.c:998:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Missing arguments: %d",
data/libisoburn-1.5.2/xorriso/parse_exec.c:1223:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:1322:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:1615:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2140:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2149:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"============================\n");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2179:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"============================\n");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2183:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"enter option and arguments :\n");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2190:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_list_delimiter[81];
data/libisoburn-1.5.2/xorriso/parse_exec.c:2327:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2330:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2333:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Disabling use of libreadline.");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2563:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path, "/.mkisofsrc");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2571:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpt + 1, ".mkisofsrc");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2592:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sec_text, num_text[40];
data/libisoburn-1.5.2/xorriso/parse_exec.c:2602:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text, "%.f", dsec);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2619:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text, "%4.4d", 1900 + gmt->tm_year);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2620:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text + 4, "%2.2d", gmt->tm_mon + 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2621:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text + 6, "%2.2d", gmt->tm_mday);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2622:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text + 8, "%2.2d", gmt->tm_hour);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2623:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text + 10, "%2.2d", gmt->tm_min);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2624:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num_text + 12, "%2.2d", gmt->tm_sec);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2625:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(num_text + 14, "00");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2628:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->all_file_dates, "set_to_mtime");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2644:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2647:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:2717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_list_delimiter[81];
data/libisoburn-1.5.2/xorriso/parse_exec.c:2877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80], limit_text[80];
data/libisoburn-1.5.2/xorriso/parse_exec.c:2980:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "External program path contains no '/': ");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3005:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot find external program ");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3019:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Executing external program ");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3090:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot create pipe(2) object");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3120:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.c:3141:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Error during disk file hiding decision");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3233:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*wpt, "user:");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3241:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*wpt, "group:");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3253:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*wpt, "other:");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3265:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*wpt, "mask:");
data/libisoburn-1.5.2/xorriso/parse_exec.c:3297:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*wpt, "%c%c%c\n",
data/libisoburn-1.5.2/xorriso/parse_exec.c:3330:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/parse_exec.h:27:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_problem_status(struct XorrisO *xorriso, char severity[80],
data/libisoburn-1.5.2/xorriso/parse_exec.h:46:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_cpmv_args(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/parse_exec.h:47:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int argc, char **argv, int *idx,
data/libisoburn-1.5.2/xorriso/parse_exec.h:48:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *optc, char ***optv, char eff_dest[SfileadrL],
data/libisoburn-1.5.2/xorriso/parse_exec.h:48:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *optc, char ***optv, char eff_dest[SfileadrL],
data/libisoburn-1.5.2/xorriso/parse_exec.h:53:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_decode_load_adr(struct XorrisO *xorriso, char *cmd,
data/libisoburn-1.5.2/xorriso/parse_exec.h:54:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *adr_mode, char *adr_value,
data/libisoburn-1.5.2/xorriso/parse_exec.h:54:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *adr_mode, char *adr_value,
data/libisoburn-1.5.2/xorriso/parse_exec.h:55:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *entity_code, char entity_id[81],
data/libisoburn-1.5.2/xorriso/read_run.c:86:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:96:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:111:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:118:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:191:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *img_path, char *disk_path,
data/libisoburn-1.5.2/xorriso/read_run.c:191:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *img_path, char *disk_path,
data/libisoburn-1.5.2/xorriso/read_run.c:192:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_text[5], int flag)
data/libisoburn-1.5.2/xorriso/read_run.c:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type_text, stream->class->type, 4);
data/libisoburn-1.5.2/xorriso/read_run.c:283:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:286:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Write error with ");
data/libisoburn-1.5.2/xorriso/read_run.c:324:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:341:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Error with obtaining ACL and xattr for ");
data/libisoburn-1.5.2/xorriso/read_run.c:360:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Disk file ");
data/libisoburn-1.5.2/xorriso/read_run.c:367:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " , and more");
data/libisoburn-1.5.2/xorriso/read_run.c:373:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text), " , ACL ");
data/libisoburn-1.5.2/xorriso/read_run.c:401:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:411:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:425:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:522:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Restored properties for ");
data/libisoburn-1.5.2/xorriso/read_run.c:524:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " from ");
data/libisoburn-1.5.2/xorriso/read_run.c:593:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:626:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
write_fd= open(open_path_pt, open_flags | O_BINARY, S_IRUSR | S_IWUSR);
data/libisoburn-1.5.2/xorriso/read_run.c:650:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:676:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:679:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:692:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot read all bytes from ISO file ");
data/libisoburn-1.5.2/xorriso/read_run.c:721:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:741:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot rename temporary path ");
data/libisoburn-1.5.2/xorriso/read_run.c:743:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " to final disk path ");
data/libisoburn-1.5.2/xorriso/read_run.c:766:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " = ");
data/libisoburn-1.5.2/xorriso/read_run.c:778:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_text[5];
data/libisoburn-1.5.2/xorriso/read_run.c:884:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "User revoked restoring of (ISO) file: ");
data/libisoburn-1.5.2/xorriso/read_run.c:892:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "While restoring ");
data/libisoburn-1.5.2/xorriso/read_run.c:894:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " : ");
data/libisoburn-1.5.2/xorriso/read_run.c:896:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, "file object");
data/libisoburn-1.5.2/xorriso/read_run.c:899:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " exists and may not be overwritten");
data/libisoburn-1.5.2/xorriso/read_run.c:1014:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:1142:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Restoring failed: ");
data/libisoburn-1.5.2/xorriso/read_run.c:1144:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " = ");
data/libisoburn-1.5.2/xorriso/read_run.c:1222:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "Attempt to replace DISK directory ");
data/libisoburn-1.5.2/xorriso/read_run.c:1225:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " by ISO file ");
data/libisoburn-1.5.2/xorriso/read_run.c:1623:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:1799:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Hardlinking omitted with ");
data/libisoburn-1.5.2/xorriso/read_run.c:1880:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-paste_in: DISK file ");
data/libisoburn-1.5.2/xorriso/read_run.c:1882:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " exists and is not a data file");
data/libisoburn-1.5.2/xorriso/read_run.c:1896:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-paste_in: ISO file ");
data/libisoburn-1.5.2/xorriso/read_run.c:1898:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " is not a data file");
data/libisoburn-1.5.2/xorriso/read_run.c:1954:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-extract_cut: ISO file ");
data/libisoburn-1.5.2/xorriso/read_run.c:1956:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " is not a data file");
data/libisoburn-1.5.2/xorriso/read_run.c:2012:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:2022:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "File object ");
data/libisoburn-1.5.2/xorriso/read_run.c:2024:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/read_run.c:2083:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Attempt aborted to extract data from ");
data/libisoburn-1.5.2/xorriso/read_run.c:2108:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Bad extract : %14.f , %14.f , ",
data/libisoburn-1.5.2/xorriso/read_run.c:2151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_md5[16], data_md5[16], *buffer= NULL;
data/libisoburn-1.5.2/xorriso/read_run.c:2164:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-check_md5: Not a data file: ");
data/libisoburn-1.5.2/xorriso/read_run.c:2181:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text, "-check_md5: No MD5 recorded with file: ");
data/libisoburn-1.5.2/xorriso/read_run.c:2228:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "MD5 MISMATCH: ");
data/libisoburn-1.5.2/xorriso/read_run.c:2235:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "md5 match : ");
data/libisoburn-1.5.2/xorriso/read_run.c:2251:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "Aborted at: ");
data/libisoburn-1.5.2/xorriso/read_run.c:2253:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "NOT READABLE: ");
data/libisoburn-1.5.2/xorriso/sfile.c:116:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_leafname(char *path, char leafname[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:116:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_leafname(char *path, char leafname[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:137:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_add_to_path(char path[SfileadrL], char *addon, int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:161:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_prepend_path(char *prefix, char path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:161:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_prepend_path(char *prefix, char path[SfileadrL], int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:185:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/sfile.c:202:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, prefix, prefix_len);
data/libisoburn-1.5.2/xorriso/sfile.c:302:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zeitcode[80]={"000000"};
data/libisoburn-1.5.2/xorriso/sfile.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char puff[80];
data/libisoburn-1.5.2/xorriso/sfile.c:312:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(zeitcode,"%c%1.1d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/sfile.c:316:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(zeitcode,"%2.2d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/sfile.c:319:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(puff,".%2.2d%2.2d",azt->tm_hour,azt->tm_min);
data/libisoburn-1.5.2/xorriso/sfile.c:323:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(puff,"%2.2d",azt->tm_sec);
data/libisoburn-1.5.2/xorriso/sfile.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scale_c,scales[7],form[80], *negpt= NULL, *cpt;
data/libisoburn-1.5.2/xorriso/sfile.c:348:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(scales,"bkmgtp");
data/libisoburn-1.5.2/xorriso/sfile.c:358:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%.f");
data/libisoburn-1.5.2/xorriso/sfile.c:359:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(result,"%.f",value);
data/libisoburn-1.5.2/xorriso/sfile.c:365:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%.f");
data/libisoburn-1.5.2/xorriso/sfile.c:367:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%%d.f",siz);
data/libisoburn-1.5.2/xorriso/sfile.c:371:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%.f%%c");
data/libisoburn-1.5.2/xorriso/sfile.c:373:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%%d.%df%%c",avail_siz,dec_siz);
data/libisoburn-1.5.2/xorriso/sfile.c:375:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(form,"%%%d.f%%c",siz-1);
data/libisoburn-1.5.2/xorriso/sfile.c:389:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_off_t_text(char text[80], off_t num, int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:402:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(text, "_overflow_");
data/libisoburn-1.5.2/xorriso/sfile.c:417:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(text, "_overflow_");
data/libisoburn-1.5.2/xorriso/sfile.c:446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rpt, *wpt, num_text[8], wdummy[8];
data/libisoburn-1.5.2/xorriso/sfile.c:606:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wpt, "%-3.3o", (unsigned int) *((unsigned char *) rpt));
data/libisoburn-1.5.2/xorriso/sfile.c:810:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_str(char target[SfileadrL], char *source, int flag)
data/libisoburn-1.5.2/xorriso/sfile.c:876:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) reply)[i]= ((char *) now)[i];
data/libisoburn-1.5.2/xorriso/sfile.c:876:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) reply)[i]= ((char *) now)[i];
data/libisoburn-1.5.2/xorriso/sfile.h:36:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_str(char target[SfileadrL], char *source, int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:40:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_add_to_path(char path[SfileadrL], char *addon, int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:107:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_off_t_text(char text[80], off_t num, int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:109:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_leafname(char *path, char leafname[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:109:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_leafname(char *path, char leafname[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:136:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_prepend_path(char *prefix, char path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/sfile.h:136:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Sfile_prepend_path(char *prefix, char path[SfileadrL], int flag);
data/libisoburn-1.5.2/xorriso/sort_cmp.c:355:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/sort_cmp.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[4];
data/libisoburn-1.5.2/xorriso/text_io.c:173:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(retpt, cpt, count);
data/libisoburn-1.5.2/xorriso/text_io.c:268:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "-history ");
data/libisoburn-1.5.2/xorriso/text_io.c:296:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "-history ");
data/libisoburn-1.5.2/xorriso/text_io.c:330:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_input[SfileadrL]= {""};
data/libisoburn-1.5.2/xorriso/text_io.c:391:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Input line too long !");
data/libisoburn-1.5.2/xorriso/text_io.c:424:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-------------------------------------\n");
data/libisoburn-1.5.2/xorriso/text_io.c:426:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Enter new text for empty input line :\n");
data/libisoburn-1.5.2/xorriso/text_io.c:437:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Input line too long !");
data/libisoburn-1.5.2/xorriso/text_io.c:455:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:579:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:586:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:607:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:617:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:624:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:666:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Open quotation mark at end of input");
data/libisoburn-1.5.2/xorriso/text_io.c:691:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Input line too long !");
data/libisoburn-1.5.2/xorriso/text_io.c:708:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Empty text as quoted argument in ");
data/libisoburn-1.5.2/xorriso/text_io.c:711:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:716:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:719:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:795:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:923:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/libisoburn-1.5.2/xorriso/text_io.c:926:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char channel_prefixes[4][4]= {".","R","I","M"};
data/libisoburn-1.5.2/xorriso/text_io.c:977:49: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xorriso->logfile_fp[channel_no]= logfile_fp= fopen(text,"a");
data/libisoburn-1.5.2/xorriso/text_io.c:986:35: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xorriso->pktlog_fp= pktlog_fp= fopen(text,"a");
data/libisoburn-1.5.2/xorriso/text_io.c:998:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xorriso->stderr_fp= fopen(text, "a");
data/libisoburn-1.5.2/xorriso/text_io.c:1086:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, prefix, 5);
data/libisoburn-1.5.2/xorriso/text_io.c:1087:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line + 5, rpt, l);
data/libisoburn-1.5.2/xorriso/text_io.c:1120:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, prefix, 5);
data/libisoburn-1.5.2/xorriso/text_io.c:1121:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line + 5, rpt, l);
data/libisoburn-1.5.2/xorriso/text_io.c:1547:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:1571:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:1634:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:2442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ttx[41];
data/libisoburn-1.5.2/xorriso/text_io.c:2510:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pfx_list[20][16]= {
data/libisoburn-1.5.2/xorriso/text_io.c:2649:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp= fopen(xorriso->session_logfile, "a");
data/libisoburn-1.5.2/xorriso/text_io.c:2747:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[64];
data/libisoburn-1.5.2/xorriso/text_io.c:2750:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%dkB/s", speed);
data/libisoburn-1.5.2/xorriso/text_io.c:2759:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%d", speed);
data/libisoburn-1.5.2/xorriso/text_io.c:2781:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char channel_prefixes[4][4]= {".","R","I","M"};
data/libisoburn-1.5.2/xorriso/text_io.c:2784:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char scsi_family[8][8]=
data/libisoburn-1.5.2/xorriso/text_io.c:2795:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-no_rc\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2806:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-dialog on\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2808:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-dialog single_line\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2810:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-dialog off\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2817:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-page %d %d\n",
data/libisoburn-1.5.2/xorriso/text_io.c:2836:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "-backslash_codes ");
data/libisoburn-1.5.2/xorriso/text_io.c:2838:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "off");
data/libisoburn-1.5.2/xorriso/text_io.c:2840:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "on");
data/libisoburn-1.5.2/xorriso/text_io.c:2843:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "in_double_quotes");
data/libisoburn-1.5.2/xorriso/text_io.c:2845:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "in_quotes");
data/libisoburn-1.5.2/xorriso/text_io.c:2847:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "with_quoted_input");
data/libisoburn-1.5.2/xorriso/text_io.c:2851:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "with_program_arguments");
data/libisoburn-1.5.2/xorriso/text_io.c:2856:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "encode_output");
data/libisoburn-1.5.2/xorriso/text_io.c:2861:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "encode_results");
data/libisoburn-1.5.2/xorriso/text_io.c:2866:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "encode_infos");
data/libisoburn-1.5.2/xorriso/text_io.c:2944:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-temp_mem_limit %dm\n", xorriso->temp_mem_limit/1024/1024);
data/libisoburn-1.5.2/xorriso/text_io.c:2946:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-temp_mem_limit %dk\n", xorriso->temp_mem_limit/1024);
data/libisoburn-1.5.2/xorriso/text_io.c:2955:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-ban_stdio_write\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2967:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-data_cache_size ");
data/libisoburn-1.5.2/xorriso/text_io.c:2969:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "default ");
data/libisoburn-1.5.2/xorriso/text_io.c:2971:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%d ", xorriso->cache_num_tiles);
data/libisoburn-1.5.2/xorriso/text_io.c:2973:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "default\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2975:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%d\n", xorriso->cache_tile_blocks);
data/libisoburn-1.5.2/xorriso/text_io.c:3014:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-boot_image any partition_offset=%lu\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3019:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-boot_image any partition_sec_hd=%lu\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3024:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-boot_image any partition_hd_cyl=%lu\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3054:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any appended_part_as=mbr\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3059:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any appended_part_as=gpt\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3063:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any appended_part_as=apm\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3075:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any iso_mbr_part_type=");
data/libisoburn-1.5.2/xorriso/text_io.c:3080:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "default\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3082:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "0x%-2.2x\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3094:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%-2.2x",
data/libisoburn-1.5.2/xorriso/text_io.c:3121:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char modes[4][6]= {"off", "auto", "on", "force"};
data/libisoburn-1.5.2/xorriso/text_io.c:3134:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any hfsplus_serial=");
data/libisoburn-1.5.2/xorriso/text_io.c:3136:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line + strlen(line), "%-2.2X",
data/libisoburn-1.5.2/xorriso/text_io.c:3143:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any hfsplus_block_size=%d\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3149:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-boot_image any apm_block_size=%d\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3154:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-cd ");
data/libisoburn-1.5.2/xorriso/text_io.c:3157:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-cdi ");
data/libisoburn-1.5.2/xorriso/text_io.c:3166:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line,"-split_size ");
data/libisoburn-1.5.2/xorriso/text_io.c:3199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-file_name_limit %d\n", xorriso->file_name_limit);
data/libisoburn-1.5.2/xorriso/text_io.c:3224:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-iso_nowtime =%.f\n", (double) xorriso->now_time_override);
data/libisoburn-1.5.2/xorriso/text_io.c:3226:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-iso_nowtime dynamic\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3365:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-jigdo clear 'all'\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3378:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-uid %lu\n", (unsigned long) xorriso->global_uid);
data/libisoburn-1.5.2/xorriso/text_io.c:3383:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-gid %lu\n", (unsigned long) xorriso->global_gid);
data/libisoburn-1.5.2/xorriso/text_io.c:3404:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode,":pattern");
data/libisoburn-1.5.2/xorriso/text_io.c:3406:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode,":param");
data/libisoburn-1.5.2/xorriso/text_io.c:3408:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode,":link");
data/libisoburn-1.5.2/xorriso/text_io.c:3410:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode,":concat");
data/libisoburn-1.5.2/xorriso/text_io.c:3412:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode,":mount");
data/libisoburn-1.5.2/xorriso/text_io.c:3414:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, ":off");
data/libisoburn-1.5.2/xorriso/text_io.c:3415:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode+strlen(mode), ":limit=%d", xorriso->follow_link_limit);
data/libisoburn-1.5.2/xorriso/text_io.c:3460:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "off");
data/libisoburn-1.5.2/xorriso/text_io.c:3462:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "full");
data/libisoburn-1.5.2/xorriso/text_io.c:3464:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "data");
data/libisoburn-1.5.2/xorriso/text_io.c:3466:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "on");
data/libisoburn-1.5.2/xorriso/text_io.c:3468:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode, "%ds", xorriso->do_stream_recording);
data/libisoburn-1.5.2/xorriso/text_io.c:3480:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "off");
data/libisoburn-1.5.2/xorriso/text_io.c:3482:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "on");
data/libisoburn-1.5.2/xorriso/text_io.c:3484:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode, "%d", xorriso->modesty_on_drive);
data/libisoburn-1.5.2/xorriso/text_io.c:3485:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":min_percent=%d", xorriso->min_buffer_percent);
data/libisoburn-1.5.2/xorriso/text_io.c:3486:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":max_percent=%d", xorriso->max_buffer_percent);
data/libisoburn-1.5.2/xorriso/text_io.c:3488:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":timeout_sec=%d", xorriso->buffer_timeout_sec);
data/libisoburn-1.5.2/xorriso/text_io.c:3490:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":min_usec=%d", xorriso->min_buffer_usec);
data/libisoburn-1.5.2/xorriso/text_io.c:3492:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":max_usec=%d", xorriso->max_buffer_usec);
data/libisoburn-1.5.2/xorriso/text_io.c:3498:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "default");
data/libisoburn-1.5.2/xorriso/text_io.c:3500:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode, "%dk", xorriso->dvd_obs / 1024);
data/libisoburn-1.5.2/xorriso/text_io.c:3506:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "-use_immed_bit ");
data/libisoburn-1.5.2/xorriso/text_io.c:3508:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "default");
data/libisoburn-1.5.2/xorriso/text_io.c:3510:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "/on");
data/libisoburn-1.5.2/xorriso/text_io.c:3512:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "/off");
data/libisoburn-1.5.2/xorriso/text_io.c:3515:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "on\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3517:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "off\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3523:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "-stdio_sync ");
data/libisoburn-1.5.2/xorriso/text_io.c:3525:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "off");
data/libisoburn-1.5.2/xorriso/text_io.c:3527:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "on");
data/libisoburn-1.5.2/xorriso/text_io.c:3529:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "end");
data/libisoburn-1.5.2/xorriso/text_io.c:3543:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-fs %dm\n", xorriso->fs/512);
data/libisoburn-1.5.2/xorriso/text_io.c:3545:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-fs %dk\n", xorriso->fs*2);
data/libisoburn-1.5.2/xorriso/text_io.c:3550:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-padding %dk\n", xorriso->padding/1024);
data/libisoburn-1.5.2/xorriso/text_io.c:3582:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-pacifier interval=%f\n", xorriso->pacifier_interval);
data/libisoburn-1.5.2/xorriso/text_io.c:3599:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"-status_history_max %d\n",xorriso->status_history_max);
data/libisoburn-1.5.2/xorriso/text_io.c:3631:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line+strlen(line),"''\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3655:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sfe, "%d", xorriso->grow_blindly_msc2);
data/libisoburn-1.5.2/xorriso/text_io.c:3730:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-md5 ");
data/libisoburn-1.5.2/xorriso/text_io.c:3733:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "all");
data/libisoburn-1.5.2/xorriso/text_io.c:3735:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "on");
data/libisoburn-1.5.2/xorriso/text_io.c:3737:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, ":stability_check_on");
data/libisoburn-1.5.2/xorriso/text_io.c:3740:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, ":load_check_off");
data/libisoburn-1.5.2/xorriso/text_io.c:3743:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "off\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3748:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-ecma119_map ");
data/libisoburn-1.5.2/xorriso/text_io.c:3750:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "unmapped\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3752:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "uppercase\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3754:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "lowercase\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3756:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "stripped\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3762:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-scdbackup_tag ");
data/libisoburn-1.5.2/xorriso/text_io.c:3776:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-rr_reloc_dir ");
data/libisoburn-1.5.2/xorriso/text_io.c:3783:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "-assert_volid ");
data/libisoburn-1.5.2/xorriso/text_io.c:3941:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count_text[80], byte_text[80], profile_name[80], *speed_unit;
data/libisoburn-1.5.2/xorriso/text_io.c:3958:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(byte_text, " (");
data/libisoburn-1.5.2/xorriso/text_io.c:3967:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:3971:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(count_text, "%7.f", (double) count);
data/libisoburn-1.5.2/xorriso/text_io.c:3983:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:3986:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:4052:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Out of virtual memory");
data/libisoburn-1.5.2/xorriso/text_io.c:4092:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4095:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4098:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4101:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4108:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4113:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line,
data/libisoburn-1.5.2/xorriso/text_io.c:4118:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Event triggered by MD5 comparison mismatch");
data/libisoburn-1.5.2/xorriso/text_io.c:4140:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-msg_op parse: Enter %d lines of text\n",
data/libisoburn-1.5.2/xorriso/text_io.c:4143:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-msg_op parse: Enter text line\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4169:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/text_io.c:4172:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", pargc);
data/libisoburn-1.5.2/xorriso/text_io.c:4182:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "%d\n", ret);
data/libisoburn-1.5.2/xorriso/text_io.c:4191:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->result_line, "0\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/libisoburn-1.5.2/xorriso/text_io.c:4217:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4221:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4224:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4284:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-launch_frontend : Banned at compile time.");
data/libisoburn-1.5.2/xorriso/text_io.c:4286:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4298:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4301:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4314:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4353:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4366:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4379:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
command_pipe[0]= open(cmd_pipe_adr, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/xorriso/text_io.c:4388:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
reply_pipe[1]= open(reply_pipe_adr, O_WRONLY | O_APPEND | O_BINARY);
data/libisoburn-1.5.2/xorriso/text_io.c:4408:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4426:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
command_pipe[1]= open(cmd_pipe_adr, O_WRONLY | O_APPEND | O_BINARY);
data/libisoburn-1.5.2/xorriso/text_io.c:4434:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
reply_pipe[0]= open(reply_pipe_adr, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/xorriso/text_io.c:4472:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_open_named_pipe(struct XorrisO *xorriso, char fd_names[3][20],
data/libisoburn-1.5.2/xorriso/text_io.c:4478:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pipe_fds[i]= open(pipe_paths[i], (i == 0 ? O_RDONLY : O_WRONLY) | O_BINARY);
data/libisoburn-1.5.2/xorriso/text_io.c:4519:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pipe_paths[3], int flag)
data/libisoburn-1.5.2/xorriso/text_io.c:4527:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fd_names[3][20] = {
data/libisoburn-1.5.2/xorriso/text_io.c:4529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_text[80], limit_text[80];
data/libisoburn-1.5.2/xorriso/text_io.c:4535:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4548:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4555:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/text_io.c:4686:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Removing named pipe ");
data/libisoburn-1.5.2/xorriso/text_io.c:4725:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(out_text, "'xorriso: TEXT MUCH TOO LONG ... ");
data/libisoburn-1.5.2/xorriso/text_io.c:4750:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xorriso->info_text + offst + maxl - 12, "#[truncated]");
data/libisoburn-1.5.2/xorriso/text_io.h:103:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pipe_paths[3], int flag);
data/libisoburn-1.5.2/xorriso/write_run.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:86:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:91:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:94:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:97:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:102:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:105:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:108:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:116:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:121:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:126:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:148:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Cannot allocate option set");
data/libisoburn-1.5.2/xorriso/write_run.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:216:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Program error : no track in prepared disc");
data/libisoburn-1.5.2/xorriso/write_run.c:233:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:292:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:314:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:373:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:383:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:388:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Rejected: ");
data/libisoburn-1.5.2/xorriso/write_run.c:401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33];
data/libisoburn-1.5.2/xorriso/write_run.c:418:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:425:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:520:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:545:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:556:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Copying to System Area: %d bytes from file ",
data/libisoburn-1.5.2/xorriso/write_run.c:574:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:636:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:669:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Adding boot image ");
data/libisoburn-1.5.2/xorriso/write_run.c:683:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:699:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cpt, "boot.cat");
data/libisoburn-1.5.2/xorriso/write_run.c:705:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:714:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:738:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:745:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:748:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:752:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, "Will record 65535 in El Torito.");
data/libisoburn-1.5.2/xorriso/write_run.c:801:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *path, data[512];
data/libisoburn-1.5.2/xorriso/write_run.c:820:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1015:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1029:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1050:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hargv[4];
data/libisoburn-1.5.2/xorriso/write_run.c:1134:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1148:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1156:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1174:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1177:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1280:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Patching boot info table");
data/libisoburn-1.5.2/xorriso/write_run.c:1288:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1291:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1294:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1303:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1309:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Keeping boot image unchanged");
data/libisoburn-1.5.2/xorriso/write_run.c:1313:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Discarded boot image from old session");
data/libisoburn-1.5.2/xorriso/write_run.c:1323:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[16], *value= timestamp;
data/libisoburn-1.5.2/xorriso/write_run.c:1326:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(timestamp, "%.f", (double) xorriso->isofs_st_out);
data/libisoburn-1.5.2/xorriso/write_run.c:1371:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"Failed to prepare session write run");
data/libisoburn-1.5.2/xorriso/write_run.c:1430:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1437:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1450:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1460:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1534:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *status_text, date_text[80], *speed_unit, mem_text[8];
data/libisoburn-1.5.2/xorriso/write_run.c:1621:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "%4d of %4d MB written",
data/libisoburn-1.5.2/xorriso/write_run.c:1624:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "%4d MB written",
data/libisoburn-1.5.2/xorriso/write_run.c:1633:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1637:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text), " [buf %3d%%]",
data/libisoburn-1.5.2/xorriso/write_run.c:1641:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %4.1fx.",
data/libisoburn-1.5.2/xorriso/write_run.c:1649:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, " %2.2f%% done", quot*100.0);
data/libisoburn-1.5.2/xorriso/write_run.c:1694:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mem_text, " 99.9");
data/libisoburn-1.5.2/xorriso/write_run.c:1696:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mem_text, "%5.1f",
data/libisoburn-1.5.2/xorriso/write_run.c:1708:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1718:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1722:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Formatting. Working since %.f seconds",
data/libisoburn-1.5.2/xorriso/write_run.c:1725:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:1771:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode_names[4][80]= {"all", "fast", "deformat", "deformat_quickest"};
data/libisoburn-1.5.2/xorriso/write_run.c:1772:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progress_text[40];
data/libisoburn-1.5.2/xorriso/write_run.c:1792:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1795:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1803:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1811:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,"No media detected in drive");
data/libisoburn-1.5.2/xorriso/write_run.c:1815:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Unsuitable drive and media state");
data/libisoburn-1.5.2/xorriso/write_run.c:1820:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Media is not of erasable type");
data/libisoburn-1.5.2/xorriso/write_run.c:1850:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(progress_text, "synchronously since");
data/libisoburn-1.5.2/xorriso/write_run.c:1856:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(progress_text, "%.1f%% done in", percent);
data/libisoburn-1.5.2/xorriso/write_run.c:1867:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Blanking done\n");
data/libisoburn-1.5.2/xorriso/write_run.c:1870:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Blanking failed.");
data/libisoburn-1.5.2/xorriso/write_run.c:1901:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_profile_name[80], progress_text[40];
data/libisoburn-1.5.2/xorriso/write_run.c:1931:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1935:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1952:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1967:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1986:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:1998:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "-dummy mode prevents formatting of medium.");
data/libisoburn-1.5.2/xorriso/write_run.c:2003:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Beginning to format medium.\n");
data/libisoburn-1.5.2/xorriso/write_run.c:2020:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(progress_text, "synchronously since");
data/libisoburn-1.5.2/xorriso/write_run.c:2026:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(progress_text, "%.1f%% done in", percent);
data/libisoburn-1.5.2/xorriso/write_run.c:2038:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Formatting done\n");
data/libisoburn-1.5.2/xorriso/write_run.c:2041:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2076:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_profile_name[80];
data/libisoburn-1.5.2/xorriso/write_run.c:2217:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Cannot add session object to disc object.");
data/libisoburn-1.5.2/xorriso/write_run.c:2228:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd= open(track_source, O_RDONLY | O_BINARY);
data/libisoburn-1.5.2/xorriso/write_run.c:2238:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Could not open data source ");
data/libisoburn-1.5.2/xorriso/write_run.c:2249:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Could not create fifo object of %.f MB",
data/libisoburn-1.5.2/xorriso/write_run.c:2258:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2278:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2282:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Try -blank as_needed\n");
data/libisoburn-1.5.2/xorriso/write_run.c:2286:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "No media detected in drive");
data/libisoburn-1.5.2/xorriso/write_run.c:2289:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2306:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2315:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2320:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Size of ISO 9660 image: %ds", isosize);
data/libisoburn-1.5.2/xorriso/write_run.c:2335:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2348:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2389:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2402:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Beginning to write data track.\n");
data/libisoburn-1.5.2/xorriso/write_run.c:2425:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2432:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2444:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Writing to ");
data/libisoburn-1.5.2/xorriso/write_run.c:2446:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(xorriso->info_text, " completed successfully.\n\n");
data/libisoburn-1.5.2/xorriso/write_run.c:2666:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/libisoburn-1.5.2/xorriso/write_run.c:2698:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2713:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_relax_text(struct XorrisO *xorriso, char mode[1024],
data/libisoburn-1.5.2/xorriso/write_run.c:2720:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "strict");
data/libisoburn-1.5.2/xorriso/write_run.c:2723:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode, "clear");
data/libisoburn-1.5.2/xorriso/write_run.c:2724:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":iso_9660_level=%d", xorriso->iso_level);
data/libisoburn-1.5.2/xorriso/write_run.c:2726:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":allow_dir_id_ext");
data/libisoburn-1.5.2/xorriso/write_run.c:2728:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":omit_version");
data/libisoburn-1.5.2/xorriso/write_run.c:2730:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":only_iso_version");
data/libisoburn-1.5.2/xorriso/write_run.c:2732:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":deep_paths");
data/libisoburn-1.5.2/xorriso/write_run.c:2734:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":long_paths");
data/libisoburn-1.5.2/xorriso/write_run.c:2736:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":long_names");
data/libisoburn-1.5.2/xorriso/write_run.c:2738:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":no_force_dots");
data/libisoburn-1.5.2/xorriso/write_run.c:2740:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":no_j_force_dots");
data/libisoburn-1.5.2/xorriso/write_run.c:2742:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":lowercase");
data/libisoburn-1.5.2/xorriso/write_run.c:2744:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":full_ascii");
data/libisoburn-1.5.2/xorriso/write_run.c:2746:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":7bit_ascii");
data/libisoburn-1.5.2/xorriso/write_run.c:2748:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":joliet_long_paths");
data/libisoburn-1.5.2/xorriso/write_run.c:2750:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":joliet_long_names");
data/libisoburn-1.5.2/xorriso/write_run.c:2752:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":joliet_utf16");
data/libisoburn-1.5.2/xorriso/write_run.c:2754:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":always_gmt");
data/libisoburn-1.5.2/xorriso/write_run.c:2756:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":rec_mtime");
data/libisoburn-1.5.2/xorriso/write_run.c:2758:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":old_rr");
data/libisoburn-1.5.2/xorriso/write_run.c:2760:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":aaip_susp_1_10_off");
data/libisoburn-1.5.2/xorriso/write_run.c:2762:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":new_rr");
data/libisoburn-1.5.2/xorriso/write_run.c:2764:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":aaip_susp_1_10");
data/libisoburn-1.5.2/xorriso/write_run.c:2767:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mode, ":no_emul_toc");
data/libisoburn-1.5.2/xorriso/write_run.c:2769:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":untranslated_name_len=%d",
data/libisoburn-1.5.2/xorriso/write_run.c:2772:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":iso_9660_1999");
data/libisoburn-1.5.2/xorriso/write_run.c:2774:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mode + strlen(mode), ":old_empty");
data/libisoburn-1.5.2/xorriso/write_run.c:2794:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Programming error: No boot image available in Xorriso_set_isolinux_options()");
data/libisoburn-1.5.2/xorriso/write_run.c:2845:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2851:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Will write isohybrid MBR.");
data/libisoburn-1.5.2/xorriso/write_run.c:2886:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16];
data/libisoburn-1.5.2/xorriso/write_run.c:2921:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2937:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2945:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2956:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:2977:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if(((unsigned char *) head_buffer)[i * 2048] == 0xff &&
data/libisoburn-1.5.2/xorriso/write_run.c:2997:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3009:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3016:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3054:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3070:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3076:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3104:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text,
data/libisoburn-1.5.2/xorriso/write_run.c:3136:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_parse_guid(struct XorrisO *xorriso, char *text,
data/libisoburn-1.5.2/xorriso/write_run.c:3166:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, u, 16);
data/libisoburn-1.5.2/xorriso/write_run.c:3174:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, u, 16);
data/libisoburn-1.5.2/xorriso/write_run.c:3180:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xorriso->info_text, "Malformed GUID string: ");
data/libisoburn-1.5.2/xorriso/write_run.c:3213:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_parse_type_guid(struct XorrisO *xorriso, char *text,
data/libisoburn-1.5.2/xorriso/xorriso.h:578:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_problem_status(struct XorrisO *xorriso, char severity[80],
data/libisoburn-1.5.2/xorriso/xorriso_private.h:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progname[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char initial_wdx[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rc_filenames[Xorriso_rc_nuM][SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wdi[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wdx[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list_delimiter[81];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_name[81];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:188:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_time[19];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_written[512];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scdbackup_tag_listname[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rr_reloc_dir[256];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volid[33];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loaded_volid[33];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char assert_volid[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char assert_volid_sev[80];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:235:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char preparer_id[129];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char publisher[129];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_id[129];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_id[33];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volset_id[129];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright_file[38];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char biblio_file[38];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abstract_file[38];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char application_use[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_logfile[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char image_start_value[81]; /* value according image_start_mode */
data/libisoburn-1.5.2/xorriso/xorriso_private.h:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indev[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indev_off_adr[SfileadrL]; /* Result of burn_drive_convert_fs_adr(indev)
data/libisoburn-1.5.2/xorriso/xorriso_private.h:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outdev[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:351:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outdev_off_adr[SfileadrL]; /* Result of burn_drive_convert_fs_adr(outdev)
data/libisoburn-1.5.2/xorriso/xorriso_private.h:400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char boot_image_cat_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char boot_image_bin_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char boot_image_bin_form[16];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:422:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char boot_id_string[29];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:423:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char boot_selection_crit[21];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_area_disk_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prep_partition[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char efi_boot_partition[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *appended_partitions[Xorriso_max_appended_partitionS];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:530:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_disc_label[Xorriso_disc_label_sizE];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char grub2_sparc_core[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[17];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char all_file_dates[80];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loaded_boot_cat_path[SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mark_text[SfileadrL]; /* ( stdout+stderr, M: ) */
data/libisoburn-1.5.2/xorriso/xorriso_private.h:690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logfile[4][SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:733:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char report_about_text[20];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:736:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abort_on_text[20];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char problem_status_text[20];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errfile_log[SfileadrL]; /* for -errfile_log */
data/libisoburn-1.5.2/xorriso/xorriso_private.h:751:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char return_with_text[20];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:755:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eternal_problem_status_text[20];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:763:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reg_expr[2*SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pending_option[SfileadrL]; /* eventual option entered at page prompt */
data/libisoburn-1.5.2/xorriso/xorriso_private.h:849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result_line[10*SfileadrL];
data/libisoburn-1.5.2/xorriso/xorriso_private.h:856:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info_text[10*SfileadrL];
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:219:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_volid(struct XorrisO *xorriso, char volid[33], int flag);
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:252:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char profile_name[80], int flag);
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:314:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *img_path, char *disk_path,
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:314:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *img_path, char *disk_path,
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:315:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_text[5], int flag);
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:383:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_relax_text(struct XorrisO *xorriso, char mode[1024],
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:508:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_get_md5(struct XorrisO *xorriso, void *in_node, char *path,
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:509:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[16], int flag);
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:519:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_md5_end(struct XorrisO *xorriso, void **ctx, char md5[16],
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:589:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_preparer_string(struct XorrisO *xorriso, char xorriso_id[129],
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:651:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_parse_guid(struct XorrisO *xorriso, char *text,
data/libisoburn-1.5.2/xorriso/xorrisoburn.h:656:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Xorriso_parse_type_guid(struct XorrisO *xorriso, char *text,
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:238:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(line);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:264:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = write(boss->command_fd, line, strlen(line));
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:273:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = write(boss->command_fd, mark_line, strlen(mark_line));
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:291:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
count = read(boss->reply_fd, buf + remainder,
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:331:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) < 6) {
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:337:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((line - buf) + strlen(line) + 1 < count) {
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:340:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(stderr, "%s\n", line + strlen(line) + 1);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:371:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= 5)
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:392:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(boss->reply_lines[i]) < 5)
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:398:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(payload);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:399:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_payload = calloc(l + strlen(boss->reply_lines[i] + 5) + 1, 1);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:409:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(payload);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:659:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, prefix, strlen(prefix)) == 0) {
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:660:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
to_parse = line + strlen(prefix);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:841:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf= calloc(strlen(line) + SfileadrL, 1);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:849:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxl= strlen(progname);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:868:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt+= strlen(cpt) - 1;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:878:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:880:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:887:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:892:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:894:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:904:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:906:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:913:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:918:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:920:12: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf,start,l);buf[bufl+l]= 0;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:932:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufl= strlen(buf);
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:934:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/frontend/frontend_pipes_xorriso.c:941:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:192:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg + strlen(msg), "libjte-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:195:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:197:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg + strlen(msg),
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:209:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "Cannot initialize libisofs\n");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:214:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "libisofs-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:219:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:221:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"- TOO OLD -, need at least libisofs-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:230:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "suspicious, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:232:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"- TOO OLD -, need at least libisofs-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:240:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "Cannot initialize libburn\n");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:245:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "libburn-%d.%d.%d ", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:251:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "ok, ");
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:253:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "- TOO OLD -, need at least libburn-%d.%d.%d ,\n",
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:260:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg), "for libisoburn-%d.%d.%d", major, minor, micro);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:981:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg + strlen(msg), "Reasons given:\n %s", reasons);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1270:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info, (char *) (data+40), 32);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1272:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i= strlen(info)-1; i>=0; i--)
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1887:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(volid, t->toc_entry->volid, 32);
data/libisoburn-1.5.2/libisoburn/burn_wrap.c:1974:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(adr_value)<=80 ? adr_value : "-oversized-string-");
data/libisoburn-1.5.2/libisoburn/isoburn.c:671:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/libisoburn-1.5.2/libisoburn/isoburn.c:789:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(o->iso_source->read!=NULL)
data/libisoburn-1.5.2/libisoburn/isoburn.c:1499:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(o->scdbackup_tag_name, name, 80);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1501:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(o->scdbackup_tag_time, timestamp, 18);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1514:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, o->scdbackup_tag_name, 80);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1516:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(timestamp, o->scdbackup_tag_time, 18);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1563:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opts->vol_uuid, vol_uuid, 16);
data/libisoburn-1.5.2/libisoburn/isoburn.c:1928:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opts->ascii_disc_label, label, Libisoburn_disc_label_sizE - 1);
data/libisoburn-1.5.2/test/compare_file.c:86:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%12.f", (double) t);
data/libisoburn-1.5.2/test/compare_file.c:88:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%3s %2d %2.2d:%2.2d",
data/libisoburn-1.5.2/test/compare_file.c:91:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%3s %2d %4.4d",
data/libisoburn-1.5.2/test/compare_file.c:114:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(a, " ");
data/libisoburn-1.5.2/test/compare_file.c:116:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(a) + strlen(adrc) < 4096)
data/libisoburn-1.5.2/test/compare_file.c:116:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(a) + strlen(adrc) < 4096)
data/libisoburn-1.5.2/test/compare_file.c:119:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(a, ".");
data/libisoburn-1.5.2/test/compare_file.c:205:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r1= read(fd1, buf1, sizeof(buf1));
data/libisoburn-1.5.2/test/compare_file.c:206:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r2= read(fd2, buf2, sizeof(buf2));
data/libisoburn-1.5.2/test/compare_file.c:287:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(argv[1], argv[2], strlen(argv[2]))!=0) {
data/libisoburn-1.5.2/test/compare_file.c:292:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[1]) >= 4096) {
data/libisoburn-1.5.2/test/compare_file.c:296:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[1]) - strlen(argv[2]) > 4000) {
data/libisoburn-1.5.2/test/compare_file.c:296:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[1]) - strlen(argv[2]) > 4000) {
data/libisoburn-1.5.2/test/compare_file.c:300:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[3]) + 1 + strlen(argv[1]) - strlen(argv[2]) >= 4096) {
data/libisoburn-1.5.2/test/compare_file.c:300:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[3]) + 1 + strlen(argv[1]) - strlen(argv[2]) >= 4096) {
data/libisoburn-1.5.2/test/compare_file.c:300:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[3]) + 1 + strlen(argv[1]) - strlen(argv[2]) >= 4096) {
data/libisoburn-1.5.2/test/compare_file.c:305:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(adrc, argv[1]+strlen(argv[2]));
data/libisoburn-1.5.2/test/compare_file.c:308:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(adr2, "/");
data/libisoburn-1.5.2/xorriso/aux_objects.c:162:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(cpt, Splitpart_wordS[0], strlen(Splitpart_wordS[0])) != 0)
data/libisoburn-1.5.2/xorriso/aux_objects.c:169:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(cpt, Splitpart_wordS[1], strlen(Splitpart_wordS[1])) != 0)
data/libisoburn-1.5.2/xorriso/aux_objects.c:176:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(cpt, Splitpart_wordS[2], strlen(Splitpart_wordS[2])) != 0)
data/libisoburn-1.5.2/xorriso/aux_objects.c:182:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(cpt, Splitpart_wordS[3], strlen(Splitpart_wordS[3])) != 0)
data/libisoburn-1.5.2/xorriso/aux_objects.c:188:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(cpt, Splitpart_wordS[4], strlen(Splitpart_wordS[4])) != 0)
data/libisoburn-1.5.2/xorriso/aux_objects.c:224:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(adr+strlen(adr), offset / (1024*1024), 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:225:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(adr, "m");
data/libisoburn-1.5.2/xorriso/aux_objects.c:227:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(adr+strlen(adr), offset, 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:230:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(adr+strlen(adr), bytes / (1024*1024), 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:231:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(adr, "m");
data/libisoburn-1.5.2/xorriso/aux_objects.c:233:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(adr+strlen(adr), bytes, 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:235:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(adr+strlen(adr), total_bytes, 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:432:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(entry->d_name)>=SfileadrL) {
data/libisoburn-1.5.2/xorriso/aux_objects.c:562:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_lst_new_binary(lstring,text,strlen(text)+1,link,flag);
data/libisoburn-1.5.2/xorriso/aux_objects.c:770:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
not_leafs_descr, strlen(not_leafs_descr)+1, 0);
data/libisoburn-1.5.2/xorriso/aux_objects.c:793:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(s->text);
data/libisoburn-1.5.2/xorriso/aux_objects.c:806:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(leaf_pt= abs_path+strlen(abs_path); leaf_pt >= abs_path; leaf_pt--) {
data/libisoburn-1.5.2/xorriso/aux_objects.c:815:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(leaf_pt)>=SfileadrL)
data/libisoburn-1.5.2/xorriso/base_obj.c:118:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m->progname,progname,sizeof(m->progname)-1);
data/libisoburn-1.5.2/xorriso/base_obj.c:183:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m->application_use, " ");
data/libisoburn-1.5.2/xorriso/check_media.c:306:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(path, msg+strlen(msg), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:310:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(fd, buf, 32);
data/libisoburn-1.5.2/xorriso/check_media.c:317:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(path, msg+strlen(msg), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:332:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(fd, buf, todo);
data/libisoburn-1.5.2/xorriso/check_media.c:338:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(fd, buf, 8);
data/libisoburn-1.5.2/xorriso/check_media.c:357:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(fd, buf, todo);
data/libisoburn-1.5.2/xorriso/check_media.c:386:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(path, msg+strlen(msg), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:393:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(info);
data/libisoburn-1.5.2/xorriso/check_media.c:406:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(path, msg+strlen(msg), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:704:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sev_text, argv[i] + 6, 19);
data/libisoburn-1.5.2/xorriso/check_media.c:857:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " use=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:861:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " what=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:864:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " min_lba=%d", job->min_lba);
data/libisoburn-1.5.2/xorriso/check_media.c:866:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " max_lba=%d", job->max_lba);
data/libisoburn-1.5.2/xorriso/check_media.c:868:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " retry=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:871:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " time_limit=%d", job->time_limit);
data/libisoburn-1.5.2/xorriso/check_media.c:873:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " item_limit=%d", job->item_limit);
data/libisoburn-1.5.2/xorriso/check_media.c:876:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(job->abort_file_path, report + strlen(report), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:878:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(report) > 4 * SfileadrL)
data/libisoburn-1.5.2/xorriso/check_media.c:882:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(job->data_to_path, report + strlen(report), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:884:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(report) > 4 * SfileadrL)
data/libisoburn-1.5.2/xorriso/check_media.c:888:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(job->sector_map_path, report + strlen(report), 0);
data/libisoburn-1.5.2/xorriso/check_media.c:891:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " map_with_volid=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:894:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " patch_lba0=");
data/libisoburn-1.5.2/xorriso/check_media.c:896:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), "off");
data/libisoburn-1.5.2/xorriso/check_media.c:898:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), "%d%s",
data/libisoburn-1.5.2/xorriso/check_media.c:901:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), "%s",
data/libisoburn-1.5.2/xorriso/check_media.c:905:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " report=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:909:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " slow_limit=%f", job->slow_threshold_seq);
data/libisoburn-1.5.2/xorriso/check_media.c:911:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " bad_limit=%s",
data/libisoburn-1.5.2/xorriso/check_media.c:915:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " chunk_size=%ds", job->min_block_size);
data/libisoburn-1.5.2/xorriso/check_media.c:917:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(report + strlen(report), " event=%s", job->event_severity);
data/libisoburn-1.5.2/xorriso/check_media.c:918:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(report) > 4 * SfileadrL)
data/libisoburn-1.5.2/xorriso/check_media.c:922:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(report, " ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:127:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(fd1, buf1, wanted);
data/libisoburn-1.5.2/xorriso/cmp_update.c:340:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " (DISK) : exluded by %s\n",
data/libisoburn-1.5.2/xorriso/cmp_update.c:356:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt),
data/libisoburn-1.5.2/xorriso/cmp_update.c:365:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(a, "?");
data/libisoburn-1.5.2/xorriso/cmp_update.c:368:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(a, " ");
data/libisoburn-1.5.2/xorriso/cmp_update.c:372:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(disk_adr, a+strlen(a), 0);
data/libisoburn-1.5.2/xorriso/cmp_update.c:627:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(iso_adr)+strlen(part_name)+1,
data/libisoburn-1.5.2/xorriso/cmp_update.c:627:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(iso_adr)+strlen(part_name)+1,
data/libisoburn-1.5.2/xorriso/cmp_update.c:695:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(iso_path, iso_prefix, strlen(iso_prefix))!=0)
data/libisoburn-1.5.2/xorriso/cmp_update.c:697:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(disk_prefix) + strlen(iso_path) - strlen(iso_prefix)+1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/cmp_update.c:697:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(disk_prefix) + strlen(iso_path) - strlen(iso_prefix)+1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/cmp_update.c:697:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(disk_prefix) + strlen(iso_path) - strlen(iso_prefix)+1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/cmp_update.c:699:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(iso_path[strlen(iso_prefix)] == '/')
data/libisoburn-1.5.2/xorriso/cmp_update.c:700:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(adrc, iso_path + strlen(iso_prefix) + 1);
data/libisoburn-1.5.2/xorriso/cmp_update.c:702:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(adrc, iso_path + strlen(iso_prefix));
data/libisoburn-1.5.2/xorriso/cmp_update.c:918:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(iso_rr_path)+strlen(part_path)+1, 2);
data/libisoburn-1.5.2/xorriso/cmp_update.c:918:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(iso_rr_path)+strlen(part_path)+1, 2);
data/libisoburn-1.5.2/xorriso/cmp_update.c:933:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(part_path)+160>SfileadrL) {
data/libisoburn-1.5.2/xorriso/cmp_update.c:934:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(part_path)+160, 2);
data/libisoburn-1.5.2/xorriso/cmp_update.c:937:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Splitpart__compose(part_path+strlen(iso_rr_path)+1, partno,
data/libisoburn-1.5.2/xorriso/cmp_update.c:991:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(iso_rr_path)+strlen(part_path)+1, 2);
data/libisoburn-1.5.2/xorriso/cmp_update.c:991:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(iso_rr_path)+strlen(part_path)+1, 2);
data/libisoburn-1.5.2/xorriso/cmp_update.c:1019:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xorriso->info_text + strlen(xorriso->info_text), 5, 1e4,
data/libisoburn-1.5.2/xorriso/cmp_update.c:1021:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, ")");
data/libisoburn-1.5.2/xorriso/cmp_update.c:1027:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xorriso->info_text + strlen(xorriso->info_text), 5, 1e4,
data/libisoburn-1.5.2/xorriso/cmp_update.c:1029:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, ")");
data/libisoburn-1.5.2/xorriso/disk_ops.c:222:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(mpt)<2)
data/libisoburn-1.5.2/xorriso/disk_ops.c:410:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(path)+strlen(name)+1, 2);
data/libisoburn-1.5.2/xorriso/disk_ops.c:410:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(path)+strlen(name)+1, 2);
data/libisoburn-1.5.2/xorriso/disk_ops.c:432:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(rel_path)+1;
data/libisoburn-1.5.2/xorriso/disk_ops.c:572:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line+strlen(xorriso->result_line), "%s\n",
data/libisoburn-1.5.2/xorriso/disk_ops.c:673:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "d");
data/libisoburn-1.5.2/xorriso/disk_ops.c:675:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "-");
data/libisoburn-1.5.2/xorriso/disk_ops.c:677:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "l");
data/libisoburn-1.5.2/xorriso/disk_ops.c:679:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "b");
data/libisoburn-1.5.2/xorriso/disk_ops.c:682:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "c");
data/libisoburn-1.5.2/xorriso/disk_ops.c:685:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "p");
data/libisoburn-1.5.2/xorriso/disk_ops.c:687:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "s");
data/libisoburn-1.5.2/xorriso/disk_ops.c:689:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "e");
data/libisoburn-1.5.2/xorriso/disk_ops.c:691:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, "?");
data/libisoburn-1.5.2/xorriso/disk_ops.c:696:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt)," %3u ",(unsigned int) stbuf->st_nlink);
data/libisoburn-1.5.2/xorriso/disk_ops.c:698:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%-8lu ", (unsigned long) stbuf->st_uid);
data/libisoburn-1.5.2/xorriso/disk_ops.c:699:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%-8lu ", (unsigned long) stbuf->st_gid);
data/libisoburn-1.5.2/xorriso/disk_ops.c:717:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%8s ", mm_text);
data/libisoburn-1.5.2/xorriso/disk_ops.c:719:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%8.f ", (double) stbuf->st_size);
data/libisoburn-1.5.2/xorriso/disk_ops.c:721:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Ftimetxt(stbuf->st_mtime, rpt+strlen(rpt), 0);
data/libisoburn-1.5.2/xorriso/disk_ops.c:722:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rpt, " ");
data/libisoburn-1.5.2/xorriso/disk_ops.c:757:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem+= strlen(name)+8+sizeof(struct DirentrY)+sizeof(char *);
data/libisoburn-1.5.2/xorriso/disk_ops.c:870:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/disk_ops.c:930:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/disk_ops.c:972:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, strlen(path), 0)<=0)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1028:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl= strlen(path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1043:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, pl+1+strlen(name), 0)<=0)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1163:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(abs_path, disk_prefix, strlen(disk_prefix))!=0)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1165:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dpl= strlen(disk_prefix);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1166:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(target)+strlen(abs_path)-dpl >= SfileadrL)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1166:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(target)+strlen(abs_path)-dpl >= SfileadrL)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1180:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1251:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/disk_ops.c:1587:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp_path, orig_path, cpt+1-orig_path);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1681:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, apt, npt + 1 - apt);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1715:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li= strlen(ipfx);
data/libisoburn-1.5.2/xorriso/disk_ops.c:1727:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dpfx) + strlen(img_path) - li + 1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1727:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(dpfx) + strlen(img_path) - li + 1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/disk_ops.c:1846:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(cmd) > SfileadrL) {
data/libisoburn-1.5.2/xorriso/disk_ops.c:2068:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text), ". %s", why);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:398:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(adr_mode == 4 && strlen(adr_pt) <= 80) {
data/libisoburn-1.5.2/xorriso/drive_mgt.c:620:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->application_id,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:623:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->publisher, un0(iso_image_get_publisher_id(volset)), 128);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:625:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->system_id, un0(iso_image_get_system_id(volset)), 32);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:627:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->volset_id, un0(iso_image_get_volset_id(volset)), 128);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:629:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->copyright_file,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:632:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->biblio_file, un0(iso_image_get_biblio_file_id(volset)), 37);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:634:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->abstract_file,
data/libisoburn-1.5.2/xorriso/drive_mgt.c:843:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l+= strlen(Xorriso_lst_get_text(lpt, 0));
data/libisoburn-1.5.2/xorriso/drive_mgt.c:848:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l+= strlen(Xorriso_lst_get_text(lpt, 0));
data/libisoburn-1.5.2/xorriso/drive_mgt.c:894:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, ")");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:960:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), "(not found in manufacturer list)\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:962:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), "%s\n", manuf);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:964:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), "(error during manufacturer lookup)\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1086:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s", profile_name);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1088:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%4.4Xh", profile_no);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1090:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", Pseudo Overwrite formatted");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1092:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", overwriteable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1094:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", random read-only");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1096:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", random write-only");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1098:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", sequential");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1099:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1101:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is not recognizable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1114:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is unsuitable , is POW formatted");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1117:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is not recognizable\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1119:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is written , is closed");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1121:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is written , is appendable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1123:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is blank");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1125:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is not present");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1127:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "is not recognizable");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1131:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), " , but next track is damaged");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1133:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), " , but no writable address");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1137:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), " , but will need -close on");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1141:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), " , but will need -close \"on\"");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1144:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1152:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
respt+= strlen(respt);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1159:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1226:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", %s free\n", mem_text);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1420:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), ", %s free", mem_text);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1422:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(respt+strlen(respt), "\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1422:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1479:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1509:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(adrpt) > max_dev_len)
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1510:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_dev_len= strlen(adrpt);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1536:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pad= max_dev_len-strlen(adrpt);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1539:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, " ");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1540:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s : '%-8.8s' '%s' \n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1844:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1867:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1874:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1890:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:1899:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " %5dk , %4.1fx%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2012:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n", "Emulated (null-drive)");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2014:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2017:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2020:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2023:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n",
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2026:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n","Emulated (stdio-drive)");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2028:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "%s\n","Removable CD-ROM");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2029:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "Vendor_info : '%s'\n",dinfo->vendor);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2030:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "Identifikation : '%s'\n",dinfo->product);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2031:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "Revision : '%s'\n",dinfo->revision);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2052:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt+strlen(respt), "Supported modes: SAO TAO\n");
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2638:8: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2674:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2691:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/drive_mgt.c:2705:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/emulators.c:201:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(argpt, "--", 2) == 0 && strlen(argpt) > 3)
data/libisoburn-1.5.2/xorriso/emulators.c:207:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ignored_partial_options[k]))==0) {
data/libisoburn-1.5.2/xorriso/emulators.c:212:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ignored_partial_options[k]))==0)
data/libisoburn-1.5.2/xorriso/emulators.c:337:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(speed, cpt, 79);
data/libisoburn-1.5.2/xorriso/emulators.c:691:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(partial_options[i], cmd, strlen(partial_options[i]))==0)
data/libisoburn-1.5.2/xorriso/emulators.c:1064:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(arg_in) < 4)
data/libisoburn-1.5.2/xorriso/emulators.c:1214:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pathspec, "=");
data/libisoburn-1.5.2/xorriso/emulators.c:1218:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(pathspec);
data/libisoburn-1.5.2/xorriso/emulators.c:1316:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id, strlen(id) > 16 ? "..." : "");
data/libisoburn-1.5.2/xorriso/emulators.c:1418:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= write(fd, xorriso->result_line, strlen(xorriso->result_line));
data/libisoburn-1.5.2/xorriso/emulators.c:1430:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Sfile_str(adr+strlen(adr), argv[i], 0)<=0)
data/libisoburn-1.5.2/xorriso/emulators.c:1439:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Sfile_str(indev+strlen(indev), argv[i], 0)<=0)
data/libisoburn-1.5.2/xorriso/emulators.c:1446:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msc, argv[i], sizeof(msc)-1);
data/libisoburn-1.5.2/xorriso/emulators.c:1535:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(eff_path, "/");
data/libisoburn-1.5.2/xorriso/emulators.c:1546:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(old_root, "/");
data/libisoburn-1.5.2/xorriso/emulators.c:1683:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sfe, msc, cpt-msc);
data/libisoburn-1.5.2/xorriso/emulators.c:1732:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->wdi, "/");
data/libisoburn-1.5.2/xorriso/emulators.c:2160:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[i]) >= SfileadrL)
data/libisoburn-1.5.2/xorriso/emulators.c:2176:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pathspec, cpt, ept - cpt);
data/libisoburn-1.5.2/xorriso/emulators.c:2501:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(boot_path, "/");
data/libisoburn-1.5.2/xorriso/emulators.c:2502:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_str(boot_path + strlen(boot_path), argv[i], 0);
data/libisoburn-1.5.2/xorriso/emulators.c:2536:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->boot_image_cat_path, "/");
data/libisoburn-1.5.2/xorriso/emulators.c:2538:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(xorriso->boot_image_cat_path), argv[i], 0);
data/libisoburn-1.5.2/xorriso/filters.c:198:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lo= strlen(old_name);
data/libisoburn-1.5.2/xorriso/filters.c:199:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ls= strlen(suffix);
data/libisoburn-1.5.2/xorriso/filters.c:299:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(filter_name) > 21) {
data/libisoburn-1.5.2/xorriso/filters.c:617:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(line) > maxl)
data/libisoburn-1.5.2/xorriso/filters.c:619:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/filters.c:623:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(line) > maxl)
data/libisoburn-1.5.2/xorriso/filters.c:625:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, ":");
data/libisoburn-1.5.2/xorriso/filters.c:635:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "used=%.f ", (double) extf->cmd->refcount);
data/libisoburn-1.5.2/xorriso/filters.c:636:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(line) > maxl)
data/libisoburn-1.5.2/xorriso/filters.c:639:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(line) > maxl)
data/libisoburn-1.5.2/xorriso/filters.c:642:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/filters.c:644:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(line) > maxl)
data/libisoburn-1.5.2/xorriso/filters.c:711:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/findjob.c:100:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(n->origin, origin, sizeof(n->origin) - 1);
data/libisoburn-1.5.2/xorriso/findjob.c:783:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name_expr)>=SfileadrL)
data/libisoburn-1.5.2/xorriso/findjob.c:988:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->arg1= calloc(1, strlen(creator) + 1);
data/libisoburn-1.5.2/xorriso/findjob.c:989:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->arg2= calloc(1, strlen(hfs_type) + 1);
data/libisoburn-1.5.2/xorriso/iso_img.c:253:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(hr, pvd_time, 16);
data/libisoburn-1.5.2/xorriso/iso_img.c:365:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(volid, iso_image_get_volume_id(volume), 32);
data/libisoburn-1.5.2/xorriso/iso_img.c:440:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:449:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:495:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%-2.2X", (unsigned int) selection_crit[i]);
data/libisoburn-1.5.2/xorriso/iso_img.c:496:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:507:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%-2.2X", (unsigned int) id_string[i]);
data/libisoburn-1.5.2/xorriso/iso_img.c:508:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:550:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:575:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:579:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:591:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:614:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:641:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(xorriso->result_line);
data/libisoburn-1.5.2/xorriso/iso_img.c:645:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->result_line + l + 32, " ");
data/libisoburn-1.5.2/xorriso/iso_img.c:651:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:715:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:821:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line),
data/libisoburn-1.5.2/xorriso/iso_img.c:824:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), " , boot_info_table=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:826:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), " , grub2_boot_info=on");
data/libisoburn-1.5.2/xorriso/iso_img.c:879:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(sa_summary, char, strlen(sa_report[i] + 21) + 1);
data/libisoburn-1.5.2/xorriso/iso_img.c:907:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(respt + strlen(respt), " , %s", sa_summary);
data/libisoburn-1.5.2/xorriso/iso_img.c:909:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:917:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:933:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:945:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(respt, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:976:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/iso_img.c:979:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/iso_img.c:1131:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(adr_mode == 4 && strlen(adr_pt) <= 80) {
data/libisoburn-1.5.2/xorriso/iso_img.c:1173:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:1204:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text), " as directory ");
data/libisoburn-1.5.2/xorriso/iso_img.c:1206:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:1451:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) < 21) {
data/libisoburn-1.5.2/xorriso/iso_img.c:1460:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, line, 20);
data/libisoburn-1.5.2/xorriso/iso_img.c:1501:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(cmds[*cmd_count], char, strlen(buf) + 1);
data/libisoburn-1.5.2/xorriso/iso_img.c:1521:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buf + strlen(buf), "--interval:%s:%.f%s-%.f%s:",
data/libisoburn-1.5.2/xorriso/iso_img.c:1530:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(buf[strlen(buf) - 1] == ',')
data/libisoburn-1.5.2/xorriso/iso_img.c:1531:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf) - 1] = 0;
data/libisoburn-1.5.2/xorriso/iso_img.c:1532:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ":");
data/libisoburn-1.5.2/xorriso/iso_img.c:1829:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ret <= 0 || strlen(crt) != 16) {
data/libisoburn-1.5.2/xorriso/iso_img.c:1831:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(ret <= 0 || strlen(mdt) != 16))
data/libisoburn-1.5.2/xorriso/iso_img.c:1849:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!(ret <= 0 || strlen(uuid) != 16)) {
data/libisoburn-1.5.2/xorriso/iso_img.c:2511:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso__format_guid(gpts[iso_gpt_part_idx].type_guid, buf + strlen(buf),
data/libisoburn-1.5.2/xorriso/iso_img.c:2867:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:2897:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_img.c:2914:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:192:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(eff_name) > xorriso->file_name_limit) {
data/libisoburn-1.5.2/xorriso/iso_manip.c:194:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(trunc_name, eff_name, SfileadrL - 1);
data/libisoburn-1.5.2/xorriso/iso_manip.c:214:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:234:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:430:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(disk_path[0]==0 || disk_path[strlen(disk_path)-1]!='/')
data/libisoburn-1.5.2/xorriso/iso_manip.c:431:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(disk_path,"/");
data/libisoburn-1.5.2/xorriso/iso_manip.c:432:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name= disk_path+strlen(disk_path);
data/libisoburn-1.5.2/xorriso/iso_manip.c:436:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(img_path, "/");
data/libisoburn-1.5.2/xorriso/iso_manip.c:437:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(img_path[strlen(img_path) - 1] != '/')
data/libisoburn-1.5.2/xorriso/iso_manip.c:438:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(img_path, "/");
data/libisoburn-1.5.2/xorriso/iso_manip.c:439:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
img_name= img_path+strlen(img_path);
data/libisoburn-1.5.2/xorriso/iso_manip.c:472:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, strlen(img_path), 0)<=0)
data/libisoburn-1.5.2/xorriso/iso_manip.c:474:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, strlen(srcpt), 0)<=0)
data/libisoburn-1.5.2/xorriso/iso_manip.c:689:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nfd, "/");
data/libisoburn-1.5.2/xorriso/iso_manip.c:696:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), " from ");
data/libisoburn-1.5.2/xorriso/iso_manip.c:859:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, ")");
data/libisoburn-1.5.2/xorriso/iso_manip.c:869:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, img_path, SfileadrL - 1);
data/libisoburn-1.5.2/xorriso/iso_manip.c:908:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(img_path);
data/libisoburn-1.5.2/xorriso/iso_manip.c:936:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npt= apt+strlen(apt);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1334:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1400:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, strlen(path), 0)<=0)
data/libisoburn-1.5.2/xorriso/iso_manip.c:1436:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl= strlen(path);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1451:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, pl+1+strlen(name), 0)<=0)
data/libisoburn-1.5.2/xorriso/iso_manip.c:1676:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ol= strlen(eff_origin);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1707:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt= dir_adr+strlen(dir_adr);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1725:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt= dir_adr+strlen(dir_adr);
data/libisoburn-1.5.2/xorriso/iso_manip.c:1834:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(eff_dest, "/");
data/libisoburn-1.5.2/xorriso/iso_manip.c:1849:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(l= strlen(dir_adr); l > 0; ) {
data/libisoburn-1.5.2/xorriso/iso_manip.c:1893:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2391:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lower = 3 * strlen(basename) + 34; /* >>> + minimum RR ? */
data/libisoburn-1.5.2/xorriso/iso_manip.c:2392:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
upper = 3 * strlen(basename) + 2048;
data/libisoburn-1.5.2/xorriso/iso_manip.c:2441:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= isoburn_conv_name_chars(sopts, name, strlen(name), &result, &result_len,
data/libisoburn-1.5.2/xorriso/iso_manip.c:2462:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2468:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2719:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target, strlen(text_2), text_2, 0);
data/libisoburn-1.5.2/xorriso/iso_manip.c:2810:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2843:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:2900:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_manip.c:2928:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_manip.c:2959:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_manip.c:3237:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(arg1) == 1 ||
data/libisoburn-1.5.2/xorriso/iso_manip.c:3239:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arg1) == 4)) &&
data/libisoburn-1.5.2/xorriso/iso_manip.c:3240:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(arg2) == 1 ||
data/libisoburn-1.5.2/xorriso/iso_manip.c:3242:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arg2) == 4)))
data/libisoburn-1.5.2/xorriso/iso_manip.c:3852:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
v_len= strlen(valuept);
data/libisoburn-1.5.2/xorriso/iso_manip.c:3861:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_bsl_interpreter(line, strlen(line), &eaten, 0);
data/libisoburn-1.5.2/xorriso/iso_manip.c:4094:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if((strlen(creator) != 4 && !(strlen(creator) == 1 &&
data/libisoburn-1.5.2/xorriso/iso_manip.c:4094:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if((strlen(creator) != 4 && !(strlen(creator) == 1 &&
data/libisoburn-1.5.2/xorriso/iso_manip.c:4096:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(hfs_type) != 4 && !(strlen(hfs_type) == 1 &&
data/libisoburn-1.5.2/xorriso/iso_manip.c:4096:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(hfs_type) != 4 && !(strlen(hfs_type) == 1 &&
data/libisoburn-1.5.2/xorriso/iso_manip.c:4455:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(name);
data/libisoburn-1.5.2/xorriso/iso_tree.c:78:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(eff_path, "/");
data/libisoburn-1.5.2/xorriso/iso_tree.c:100:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(eff_path, "/");
data/libisoburn-1.5.2/xorriso/iso_tree.c:110:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npt= apt+strlen(apt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:166:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_path)+strlen(apt)+1));
data/libisoburn-1.5.2/xorriso/iso_tree.c:166:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_path)+strlen(apt)+1));
data/libisoburn-1.5.2/xorriso/iso_tree.c:415:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path, "/");
data/libisoburn-1.5.2/xorriso/iso_tree.c:434:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((wpt - path) + strlen(npt) + 1 >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/iso_tree.c:442:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(npt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:754:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len+= strlen(cpt) + 1;
data/libisoburn-1.5.2/xorriso/iso_tree.c:756:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(*acl_text + strlen(*acl_text), "%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:760:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:775:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(*acl_text + strlen(*acl_text), "default:%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:777:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(*acl_text + strlen(*acl_text), "%s\n", cpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:785:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len+= strlen(cpt) + 9;
data/libisoburn-1.5.2/xorriso/iso_tree.c:790:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:863:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(names[i]) + value_lengths[i] >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/iso_tree.c:865:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(names[i]), (int) value_lengths[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:867:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_bsl_encoder(&bsl, names[i], strlen(names[i]), 8);
data/libisoburn-1.5.2/xorriso/iso_tree.c:875:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_tree.c:880:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len+= strlen(xorriso->result_line);
data/libisoburn-1.5.2/xorriso/iso_tree.c:900:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:939:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt= line + strlen(line);
data/libisoburn-1.5.2/xorriso/iso_tree.c:948:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(wpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:963:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) + strlen(bsl) + 1 > line_limit)
data/libisoburn-1.5.2/xorriso/iso_tree.c:963:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) + strlen(bsl) + 1 > line_limit)
data/libisoburn-1.5.2/xorriso/iso_tree.c:969:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) + strlen(comp) + 1 > line_limit)
data/libisoburn-1.5.2/xorriso/iso_tree.c:969:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) + strlen(comp) + 1 > line_limit)
data/libisoburn-1.5.2/xorriso/iso_tree.c:1016:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, path_pt, strlen(path_pt), mode, 0);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1019:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1025:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(names[i]) + value_lengths[i] >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/iso_tree.c:1028:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(names[i]), (int) value_lengths[i]);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1053:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, space_pt, strlen(space_pt),
data/libisoburn-1.5.2/xorriso/iso_tree.c:1058:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, name_pt, strlen(name_pt),
data/libisoburn-1.5.2/xorriso/iso_tree.c:1063:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, path_pt, strlen(path_pt),
data/libisoburn-1.5.2/xorriso/iso_tree.c:1078:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, space_pt, strlen(space_pt),
data/libisoburn-1.5.2/xorriso/iso_tree.c:1082:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1083:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso,name_pt, strlen(name_pt), mode, 0);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1086:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1099:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1302:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, stream->class->type, 4);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1440:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(path)+strlen(name)+1, 2);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1440:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(path)+strlen(name)+1, 2);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1444:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(rel_path)+1;
data/libisoburn-1.5.2/xorriso/iso_tree.c:1528:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line+strlen(xorriso->result_line), "%s\n",
data/libisoburn-1.5.2/xorriso/iso_tree.c:1568:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem+= sizeof(char *)+strlen(name)+8;
data/libisoburn-1.5.2/xorriso/iso_tree.c:1649:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt= basrpt + strlen(basrpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1684:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt= basrpt + strlen(basrpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1699:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt= baswpt + strlen(baswpt);
data/libisoburn-1.5.2/xorriso/iso_tree.c:1778:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1842:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:1987:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2186:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*mem)= strlen(patterns[i])+1;
data/libisoburn-1.5.2/xorriso/iso_tree.c:2323:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(disk_path, "/");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2375:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(source_path) >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/iso_tree.c:2421:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/iso_tree.c:2433:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, ":");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2436:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso->result_line) > SfileadrL) {
data/libisoburn-1.5.2/xorriso/iso_tree.c:2446:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line), "[%u,%lu,%lu]",
data/libisoburn-1.5.2/xorriso/iso_tree.c:2452:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, ":");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2456:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2547:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2584:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/iso_tree.c:2722:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(path + path_offset), 8);
data/libisoburn-1.5.2/xorriso/iso_tree.c:2726:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:99:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
handler_prefix= calloc(strlen(xorriso->progname)+3+1, 1);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:172:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:236:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(xorriso->info_text, burn_scsi_transport_id(0), 1024);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:342:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(xorriso->result_line, burn_scsi_transport_id(0), 1024);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:343:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/lib_mgt.c:452:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(victim, sfe+strlen(sfe), 0);
data/libisoburn-1.5.2/xorriso/lib_mgt.c:677:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso_id) + strlen(Xorriso_timestamP) < 128)
data/libisoburn-1.5.2/xorriso/lib_mgt.c:677:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso_id) + strlen(Xorriso_timestamP) < 128)
data/libisoburn-1.5.2/xorriso/lib_mgt.c:682:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso_id) < 100)
data/libisoburn-1.5.2/xorriso/lib_mgt.c:683:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:686:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso_id) < 100)
data/libisoburn-1.5.2/xorriso/lib_mgt.c:687:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/lib_mgt.c:690:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso_id) < 100)
data/libisoburn-1.5.2/xorriso/lib_mgt.c:691:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso_id + strlen(xorriso_id),
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:50:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m->prog, prog, sizeof(m->prog) - 1);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:80:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(word, start, l);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:93:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(start, wraps[i], strlen(wraps[i])) == 0)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(content);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:186:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((wpt - write_base) + l + strlen(front) + strlen(back) > 255) {
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:186:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((wpt - write_base) + l + strlen(front) + strlen(back) > 255) {
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:191:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(front);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:193:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, content, l);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:196:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(back);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:226:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt+= strlen(found);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:236:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt+= strlen(found);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:244:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt+= strlen(found);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:309:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line_in);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:386:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\\");
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:390:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
raw= strlen(buf);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:392:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Mx1_substitute(m, buf, line_out, raw, strlen(buf), 0);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:396:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line_out) + 3 + strlen(remainder) > 255)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:396:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line_out) + 3 + strlen(remainder) > 255)
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:400:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
raw= strlen(buf);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:404:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Mx1_substitute(m, buf, line_out, raw, strlen(buf), 0);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:425:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Mx1_substitute(m, line_in, line_out, 0, strlen(line_in), 0);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:440:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line_out);
data/libisoburn-1.5.2/xorriso/make_xorriso_1.c:520:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line_in);
data/libisoburn-1.5.2/xorriso/match.c:54:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(adr)+strlen(wd)+1;
data/libisoburn-1.5.2/xorriso/match.c:54:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(adr)+strlen(wd)+1;
data/libisoburn-1.5.2/xorriso/match.c:104:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(cpt) >= adr_size)
data/libisoburn-1.5.2/xorriso/match.c:110:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(adr_part,cpt,npt-cpt);
data/libisoburn-1.5.2/xorriso/match.c:178:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(adr)>=sizeof(xorriso->reg_expr))
data/libisoburn-1.5.2/xorriso/match.c:264:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(adr_part,cpt,npt-cpt);
data/libisoburn-1.5.2/xorriso/match.c:404:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(adr)+1;
data/libisoburn-1.5.2/xorriso/match.c:419:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_no_pattern_memory(xorriso, (off_t) (strlen(adr)+1), 0);
data/libisoburn-1.5.2/xorriso/match.c:563:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(pattern)+1;
data/libisoburn-1.5.2/xorriso/match.c:586:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), ": ");
data/libisoburn-1.5.2/xorriso/match.c:666:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir_adr, "/");
data/libisoburn-1.5.2/xorriso/match.c:671:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir_adr, "/");
data/libisoburn-1.5.2/xorriso/match.c:723:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir_adr, "/");
data/libisoburn-1.5.2/xorriso/match.c:728:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir_adr, "/");
data/libisoburn-1.5.2/xorriso/match.c:741:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*mem)= strlen(patterns[i])+1;
data/libisoburn-1.5.2/xorriso/match.c:790:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/misc_funct.c:195:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c= text[strlen(text)-1];
data/libisoburn-1.5.2/xorriso/misc_funct.c:220:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/misc_funct.c:270:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(text)==3 || (strlen(text)==4 && text[3]==',')) &&
data/libisoburn-1.5.2/xorriso/misc_funct.c:270:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(text)==3 || (strlen(text)==4 && text[3]==',')) &&
data/libisoburn-1.5.2/xorriso/misc_funct.c:298:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text)>2 || text[0]==0)
data/libisoburn-1.5.2/xorriso/misc_funct.c:343:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text)!=4)
data/libisoburn-1.5.2/xorriso/misc_funct.c:470:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/misc_funct.c:521:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(code);
data/libisoburn-1.5.2/xorriso/misc_funct.c:608:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scale_chr= code[strlen(code)-1];
data/libisoburn-1.5.2/xorriso/misc_funct.c:696:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%12.f", (double) t);
data/libisoburn-1.5.2/xorriso/misc_funct.c:698:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%4.4d.%2.2d.%2.2d.%2.2d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:702:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%s %s %2.2d %2.2d:%2.2d:%2.2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:706:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%s %2.2d %2.2d:%2.2d:%2.2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:711:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%c", 'A' + (tms.tm_year - 100) / 10);
data/libisoburn-1.5.2/xorriso/misc_funct.c:713:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%c", '0' + tms.tm_year / 10);
data/libisoburn-1.5.2/xorriso/misc_funct.c:714:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%1.1d%2.2d%2.2d.%2.2d%2.2d%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:718:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%2d %3s %4.4d %2.2d:%2.2d:%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:722:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%3s %2d %2.2d:%2.2d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:725:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(rpt+strlen(rpt), "%3s %2d %4.4d",
data/libisoburn-1.5.2/xorriso/misc_funct.c:841:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l+= strlen(*handle);
data/libisoburn-1.5.2/xorriso/misc_funct.c:855:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(*handle,text,len);
data/libisoburn-1.5.2/xorriso/misc_funct.c:873:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/misc_funct.c:908:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_s= strlen(start);
data/libisoburn-1.5.2/xorriso/misc_funct.c:909:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_e= strlen(end);
data/libisoburn-1.5.2/xorriso/misc_funct.c:910:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_esc= strlen(esc);
data/libisoburn-1.5.2/xorriso/misc_funct.c:920:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((wpt - result) + (int) strlen(rpt) >= result_size)
data/libisoburn-1.5.2/xorriso/misc_funct.c:923:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(wpt);
data/libisoburn-1.5.2/xorriso/misc_funct.c:930:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, rpt, spt - rpt);
data/libisoburn-1.5.2/xorriso/misc_funct.c:942:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, spt, l_esc + l_s);
data/libisoburn-1.5.2/xorriso/misc_funct.c:955:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, spt, l_s);
data/libisoburn-1.5.2/xorriso/misc_funct.c:971:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(npt, vars[i][0], strlen(vars[i][0])) == 0
data/libisoburn-1.5.2/xorriso/misc_funct.c:972:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (l_e == 0 || strncmp(npt + strlen(vars[i][0]), end, l_e) == 0))
data/libisoburn-1.5.2/xorriso/misc_funct.c:977:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((wpt - result) + (int) strlen(vars[i][1]) >= result_size)
data/libisoburn-1.5.2/xorriso/misc_funct.c:980:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt= npt + strlen(vars[i][0]) + l_e;
data/libisoburn-1.5.2/xorriso/misc_funct.c:988:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, rpt, (ept - rpt) + l_e);
data/libisoburn-1.5.2/xorriso/misc_funct.c:994:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wpt, rpt, l_s);
data/libisoburn-1.5.2/xorriso/misc_funct.c:997:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wpt+= strlen(wpt);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1049:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
w= strlen(out_text);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1053:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(in_text);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1068:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(out_text, "'xorriso: TEXT MUCH TOO LONG ... ",33);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1085:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(hex);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1145:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1251:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1294:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
acc[strlen(acc) - 1]= 0; /* cut off last colon */
data/libisoburn-1.5.2/xorriso/misc_funct.c:1326:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(source_prefix, eff_source, strlen(source_prefix)) != 0) {
data/libisoburn-1.5.2/xorriso/misc_funct.c:1330:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
source_pt+= strlen(source_prefix);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1349:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1350:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1350:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1352:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1353:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1353:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1355:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1356:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1356:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1358:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/misc_funct.c:1359:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1359:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "-");
data/libisoburn-1.5.2/xorriso/misc_funct.c:1361:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text), "%-2.2x", (unsigned int) guid[i]);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:171:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(xorriso->wdi)+strlen(target)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:171:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(xorriso->wdi)+strlen(target)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:385:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(path));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:451:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(pattern)>=sizeof(xorriso->assert_volid)) {
data/libisoburn-1.5.2/xorriso/opts_a_c.c:454:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(pattern), (int) sizeof(xorriso->assert_volid)-1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:519:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:628:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(mode)>9)
data/libisoburn-1.5.2/xorriso/opts_a_c.c:641:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(mode)>14)
data/libisoburn-1.5.2/xorriso/opts_a_c.c:806:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->boot_image_bin_path, "/");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:850:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(treatpt + 9) >= sizeof(xorriso->boot_image_bin_path)) {
data/libisoburn-1.5.2/xorriso/opts_a_c.c:854:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(treatpt + 9));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:882:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(treatpt + 9) >= sizeof(xorriso->boot_image_bin_path))
data/libisoburn-1.5.2/xorriso/opts_a_c.c:935:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->ascii_disc_label, treatpt + 12,
data/libisoburn-1.5.2/xorriso/opts_a_c.c:964:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(parm, treatpt + 5, parm_len);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1014:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(treatpt + 10) == 56) {
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1019:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) xorriso->boot_id_string, treatpt + 10, 28);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1407:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(iso_rr_path)>sizeof(xorriso->wdi)) {
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1409:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(iso_rr_path), (int) sizeof(xorriso->wdi)-1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1418:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "/");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1419:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1422:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->wdi,"");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1471:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(disk_path)>sizeof(xorriso->wdx)) {
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1473:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(disk_path), (int) sizeof(xorriso->wdx)-1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1482:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "/");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1483:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1486:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(xorriso->wdx,"");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:1547:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2387:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(delimiter_mem, char, strlen(xorriso->list_delimiter) + 1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2388:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(delimiter, char, strlen(argv[*idx + 1]) + 1);
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2504:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2504:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2588:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+ strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2588:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+ strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2703:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_a_c.c:2703:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_d_h.c:81:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(adr)==6 || strcmp(adr, "stdio:/")==0 ||
data/libisoburn-1.5.2/xorriso/opts_d_h.c:243:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:270:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:287:8: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(xorriso->info_text, cpt, l);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:288:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "'");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1126:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Findjob_set_action_chown(job, user, strlen(cpt)>5);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1138:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Findjob_set_action_chgrp(job, group, strlen(cpt)>5);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1151:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Findjob_set_action_chmod(job, mode_and, mode_or, strlen(cpt)>5);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1164:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Findjob_set_action_ad(job, type, date, strlen(cpt)>10);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1269:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[i]), argv[i], 1);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1397:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "/");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1402:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_append_extattr_comp(xorriso, cd_pt, strlen(cd_pt),
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1407:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1482:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1649:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(msc2);
data/libisoburn-1.5.2/xorriso/opts_d_h.c:1667:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(mode));
data/libisoburn-1.5.2/xorriso/opts_d_h.c:2585:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_dialog_input(xorriso, line, strlen(line) + 1, 2 | 32);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:157:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text) > 80) {
data/libisoburn-1.5.2/xorriso/opts_i_o.c:303:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso->indev)>0) {
data/libisoburn-1.5.2/xorriso/opts_i_o.c:673:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(arg2v[arg2c], char, strlen(eff_target) + 1);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:691:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(opt2v[new_opt2c], char, strlen(eff_source) + 1);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:708:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM(arg2v[arg2c], char, strlen(eff_source) + 1);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:799:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target_prefix, strlen(target_prefix) + 1, 0);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:803:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
source_prefix, strlen(source_prefix) + 1, 0);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:851:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->mark_text,mark,sizeof(xorriso->mark_text)-1);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:867:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:934:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1069:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1189:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1282:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1282:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (strlen(eff_dest)+strlen(leafname)+1));
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1294:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1329:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1466:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1473:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1490:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(setting));
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1598:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text), "%s ", hpt);
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1732:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/opts_i_o.c:1756:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:230:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:238:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:297:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:358:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= write(fd, xorriso->result_line, strlen(xorriso->result_line));
data/libisoburn-1.5.2/xorriso/opts_p_z.c:373:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name)>=sizeof(xorriso->progname)) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:376:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(name), (int) sizeof(xorriso->progname)-1);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:405:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->result_line,text,sizeof(xorriso->result_line)-1);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:439:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "/");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:440:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:453:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "/");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:454:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:714:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:746:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name) > 255) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:767:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(recname) > 80) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:879:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_bsl_interpreter(line + 8, strlen(line + 8), &eaten, 0);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:880:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line + 8) >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:888:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line + 9) > 160) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:896:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line + 9) > 160) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:916:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:958:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1067:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_path_setfattr(xorriso, NULL, "", name, strlen(value), value, 1);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1085:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name, strlen(value), value, 0);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1147:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_bsl_interpreter(line + 8, strlen(line + 8), &eaten, 0);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1148:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line + 8) >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1166:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_used+= strlen(line) + 1;
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1182:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1189:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
v_len= strlen(valuept);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1195:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
v_len= strlen(valuept);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1199:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1235:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1386:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1399:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usleep_time);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1436:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(cpt= speed+strlen(speed)-1; cpt>=speed; cpt--)
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1786:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1932:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:1995:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line+strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2070:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(xorriso->do_joliet && strlen(volid)>16 && !(flag & 1)) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2072:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
"-volid text is too long for Joliet (%d > 16)",(int) strlen(volid));
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2129:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ret <= 0 || strlen(timestring) != 16) {
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2147:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->all_file_dates, timestring,
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2228:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/opts_p_z.c:2253:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, cpt + 11, l - 11);
data/libisoburn-1.5.2/xorriso/parse_exec.c:128:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM((*optv)[i], char, strlen(argv[idx + i]) + 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:145:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem+= strlen(argv[idx + *optc - 1])+1+sizeof(char *);
data/libisoburn-1.5.2/xorriso/parse_exec.c:185:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(xorriso->info_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:186:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(l>0 && l+1+strlen(filev[i])>60) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:193:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(xorriso->info_text);
data/libisoburn-1.5.2/xorriso/parse_exec.c:242:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(severity[0] && strlen(severity) < sizeof(xorriso->problem_status_text))
data/libisoburn-1.5.2/xorriso/parse_exec.c:438:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(adr_value);
data/libisoburn-1.5.2/xorriso/parse_exec.c:449:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(adr_value)>80) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:451:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd, (int) strlen(adr_value));
data/libisoburn-1.5.2/xorriso/parse_exec.c:464:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(name) >= size) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:467:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(name), size - 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:491:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) strlen(original_cmd) >= sizeof_cmd_data) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:494:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argno, (int) strlen(original_cmd));
data/libisoburn-1.5.2/xorriso/parse_exec.c:497:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(original_cmd));
data/libisoburn-1.5.2/xorriso/parse_exec.c:914:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso->result_line) + 1 + strlen(argv[cmd_idx]) > 78) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:914:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso->result_line) + 1 + strlen(argv[cmd_idx]) > 78) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:915:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/parse_exec.c:919:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->result_line + strlen(xorriso->result_line),
data/libisoburn-1.5.2/xorriso/parse_exec.c:928:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(xorriso->result_line) > 0) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:929:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/parse_exec.c:1062:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cmd)>10);
data/libisoburn-1.5.2/xorriso/parse_exec.c:1899:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2065:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(line, prefix, strlen(prefix)) == 0) {
data/libisoburn-1.5.2/xorriso/parse_exec.c:2066:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
to_parse= line + strlen(prefix);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2219:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(*argpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2487:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(wpt= cpt + 1 + strlen(cpt + 1) - 1; wpt >= cpt; wpt--)
data/libisoburn-1.5.2/xorriso/parse_exec.c:2553:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, cpt, SfileadrL - 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2561:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, cpt, SfileadrL - 1 - 11);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2734:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_bsl_interpreter(new_argv[i], strlen(new_argv[i]), &eaten, 0);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2800:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(wd)+1>=SfileadrL)
data/libisoburn-1.5.2/xorriso/parse_exec.c:2806:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, (int) (strlen(adr)+strlen(name)+1), 2);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2806:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, (int) (strlen(adr)+strlen(name)+1), 2);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2810:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name)+1>=SfileadrL)
data/libisoburn-1.5.2/xorriso/parse_exec.c:2820:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(norm_adr, "/");
data/libisoburn-1.5.2/xorriso/parse_exec.c:2930:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_alloc_meM((*argv)[i], char, strlen(in_argv[i]) + 1);
data/libisoburn-1.5.2/xorriso/parse_exec.c:2996:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(cpt) + strlen(argv[0]) + 1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/parse_exec.c:2996:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(cpt) + strlen(argv[0]) + 1 >= SfileadrL)
data/libisoburn-1.5.2/xorriso/parse_exec.c:3234:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*wpt + 5, dpt + 1, ddpt - dpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:3242:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*wpt + 6, dpt + 1, ddpt - dpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:3254:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*wpt + 6, dpt + 1, ddpt - dpt);
data/libisoburn-1.5.2/xorriso/parse_exec.c:3266:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*wpt + 5, dpt + 1, ddpt - dpt);
data/libisoburn-1.5.2/xorriso/read_run.c:373:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text), " , ACL ");
data/libisoburn-1.5.2/xorriso/read_run.c:375:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:515:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nfi, "/");
data/libisoburn-1.5.2/xorriso/read_run.c:679:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:781:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/read_run.c:1009:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xorriso->node_targets_availmem+= strlen(xorriso->hln_targets[node_idx]) +1;
data/libisoburn-1.5.2/xorriso/read_run.c:1012:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(disk_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1075:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(img_path)+strlen(part_name)+1, 2);
data/libisoburn-1.5.2/xorriso/read_run.c:1075:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_much_too_long(xorriso, strlen(img_path)+strlen(part_name)+1, 2);
data/libisoburn-1.5.2/xorriso/read_run.c:1224:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xorriso->info_text+strlen(xorriso->info_text), 0);
data/libisoburn-1.5.2/xorriso/read_run.c:1226:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Text_shellsafe(img_path, xorriso->info_text+strlen(xorriso->info_text), 0);
data/libisoburn-1.5.2/xorriso/read_run.c:1358:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(img_path[0]==0 || img_path[strlen(img_path)-1]!='/')
data/libisoburn-1.5.2/xorriso/read_run.c:1359:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(img_path,"/");
data/libisoburn-1.5.2/xorriso/read_run.c:1360:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name= img_path+strlen(img_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1363:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(disk_path[0]==0 || disk_path[strlen(disk_path)-1]!='/')
data/libisoburn-1.5.2/xorriso/read_run.c:1364:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(disk_path,"/");
data/libisoburn-1.5.2/xorriso/read_run.c:1365:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
disk_name= disk_path+strlen(disk_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1367:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_dp= strlen(disk_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1368:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_ip= strlen(img_path);
data/libisoburn-1.5.2/xorriso/read_run.c:1388:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, len_dp + strlen(leaf_name)+1, 0)<=0)
data/libisoburn-1.5.2/xorriso/read_run.c:1390:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Xorriso_much_too_long(xorriso, len_ip + strlen(leaf_name)+1, 0)<=0)
data/libisoburn-1.5.2/xorriso/read_run.c:1575:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
disk_path, strlen(disk_path) + 1, 0);
data/libisoburn-1.5.2/xorriso/read_run.c:1579:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
img_path, strlen(img_path) + 1, 0);
data/libisoburn-1.5.2/xorriso/read_run.c:1594:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, disk_path, path_size - 1);
data/libisoburn-1.5.2/xorriso/read_run.c:1635:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npt= apt+strlen(apt);
data/libisoburn-1.5.2/xorriso/read_run.c:2111:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->info_text, "\n");
data/libisoburn-1.5.2/xorriso/read_run.c:2230:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/read_run.c:2237:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/read_run.c:2255:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/sfile.c:41:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line);
data/libisoburn-1.5.2/xorriso/sfile.c:70:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(path);
data/libisoburn-1.5.2/xorriso/sfile.c:141:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(path);
data/libisoburn-1.5.2/xorriso/sfile.c:145:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path,"/");
data/libisoburn-1.5.2/xorriso/sfile.c:151:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(l+strlen(addon)>=SfileadrL)
data/libisoburn-1.5.2/xorriso/sfile.c:165:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(prefix);
data/libisoburn-1.5.2/xorriso/sfile.c:174:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len= strlen(prefix) - 1;
data/libisoburn-1.5.2/xorriso/sfile.c:175:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len= strlen(path);
data/libisoburn-1.5.2/xorriso/sfile.c:180:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= (strlen(path) - slashes) + prefix_len + 1;
data/libisoburn-1.5.2/xorriso/sfile.c:193:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l-= strlen(path);
data/libisoburn-1.5.2/xorriso/sfile.c:360:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(((int) strlen(result)) <= avail_siz - 2)
data/libisoburn-1.5.2/xorriso/sfile.c:413:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(text, "0");
data/libisoburn-1.5.2/xorriso/sfile.c:660:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf= calloc(strlen(line) + SfileadrL, 1);
data/libisoburn-1.5.2/xorriso/sfile.c:668:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxl= strlen(progname);
data/libisoburn-1.5.2/xorriso/sfile.c:687:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt+= strlen(cpt) - 1;
data/libisoburn-1.5.2/xorriso/sfile.c:697:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:699:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/xorriso/sfile.c:706:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:711:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:713:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l);
data/libisoburn-1.5.2/xorriso/sfile.c:723:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:725:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/xorriso/sfile.c:732:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:737:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= cpt-start; bufl= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:739:12: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf,start,l);buf[bufl+l]= 0;
data/libisoburn-1.5.2/xorriso/sfile.c:751:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufl= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:753:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + bufl, start, l); buf[bufl + l]= 0;
data/libisoburn-1.5.2/xorriso/sfile.c:760:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(buf);
data/libisoburn-1.5.2/xorriso/sfile.c:814:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(source);
data/libisoburn-1.5.2/xorriso/sfile.c:816:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l+= strlen(target);
data/libisoburn-1.5.2/xorriso/sfile.c:845:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) (strlen(home) + strlen(filename) + 1) >= fa_size)
data/libisoburn-1.5.2/xorriso/sfile.c:845:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((int) (strlen(home) + strlen(filename) + 1) >= fa_size)
data/libisoburn-1.5.2/xorriso/sfile.c:849:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileadr,"/");
data/libisoburn-1.5.2/xorriso/sfile.c:880:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/sort_cmp.c:450:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xorriso->temp_mem_limit-= strlen(old_targets[old_pt]) + 1;
data/libisoburn-1.5.2/xorriso/text_io.c:261:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str, ev.str, SfileadrL - 1);
data/libisoburn-1.5.2/xorriso/text_io.c:263:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(str);
data/libisoburn-1.5.2/xorriso/text_io.c:270:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:298:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:387:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/text_io.c:389:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(linept, cpt, linesize - 1);
data/libisoburn-1.5.2/xorriso/text_io.c:430:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line);
data/libisoburn-1.5.2/xorriso/text_io.c:453:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_length= strlen(line);
data/libisoburn-1.5.2/xorriso/text_io.c:472:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(last_input,line,sizeof(last_input)-1);
data/libisoburn-1.5.2/xorriso/text_io.c:585:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_dialog_input(xorriso,cpt,strlen(line)+1,2); /* write to history */
data/libisoburn-1.5.2/xorriso/text_io.c:614:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_dialog_input(xorriso,cpt,strlen(line)+1,2); /* write to history */
data/libisoburn-1.5.2/xorriso/text_io.c:623:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso_dialog_input(xorriso,cpt,strlen(line)+1,2); /* write to history */
data/libisoburn-1.5.2/xorriso/text_io.c:672:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(line);
data/libisoburn-1.5.2/xorriso/text_io.c:697:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_length= strlen(line);
data/libisoburn-1.5.2/xorriso/text_io.c:709:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if(strlen((*argv)[i]) >= SfileadrL) {
data/libisoburn-1.5.2/xorriso/text_io.c:716:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:719:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:754:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(spt);
data/libisoburn-1.5.2/xorriso/text_io.c:793:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(xorriso->info_text,"\n");
data/libisoburn-1.5.2/xorriso/text_io.c:897:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Xorriso_lst_append_binary(&msglist, text, strlen(text) + 1, 0);
data/libisoburn-1.5.2/xorriso/text_io.c:1008:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_bsl_encoder(&text, text, strlen(text), 1 | 2 | 4);
data/libisoburn-1.5.2/xorriso/text_io.c:1084:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(rpt);
data/libisoburn-1.5.2/xorriso/text_io.c:1098:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= fwrite(rpt,strlen(rpt),1,stdout);
data/libisoburn-1.5.2/xorriso/text_io.c:1107:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= fwrite(rpt,strlen(rpt),1,pktlog_fp);
data/libisoburn-1.5.2/xorriso/text_io.c:1293:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/text_io.c:1389:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(text);
data/libisoburn-1.5.2/xorriso/text_io.c:1510:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/text_io.c:1582:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/text_io.c:1648:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(u_wait);
data/libisoburn-1.5.2/xorriso/text_io.c:2221:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(prefix);
data/libisoburn-1.5.2/xorriso/text_io.c:2222:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(msg) >= (unsigned int) l) {
data/libisoburn-1.5.2/xorriso/text_io.c:2227:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(prefix_storage, msg, l);
data/libisoburn-1.5.2/xorriso/text_io.c:2234:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(prefix, msg, strlen(prefix)) != 0)
data/libisoburn-1.5.2/xorriso/text_io.c:2242:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(to_parse);
data/libisoburn-1.5.2/xorriso/text_io.c:2261:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv[0]= strdup(to_parse + strlen(prefix));
data/libisoburn-1.5.2/xorriso/text_io.c:2275:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(argv[max_words]);
data/libisoburn-1.5.2/xorriso/text_io.c:2427:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->result_line,text,sizeof(xorriso->result_line)-1);
data/libisoburn-1.5.2/xorriso/text_io.c:2445:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(msg_text)>SfileadrL)
data/libisoburn-1.5.2/xorriso/text_io.c:2532:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lt= strlen(msg_text);
data/libisoburn-1.5.2/xorriso/text_io.c:2535:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li= strlen(prefix);
data/libisoburn-1.5.2/xorriso/text_io.c:2563:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text + li, msg_text, lt);
data/libisoburn-1.5.2/xorriso/text_io.c:2571:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(text + strlen(text) - 1, " : %s\n", strerror(os_errno));
data/libisoburn-1.5.2/xorriso/text_io.c:2681:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(filter, line, strlen(filter))!=0)
data/libisoburn-1.5.2/xorriso/text_io.c:2701:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= fwrite(xorriso->result_line,strlen(xorriso->result_line),1,fp);
data/libisoburn-1.5.2/xorriso/text_io.c:2739:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2849:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) > 17)
data/libisoburn-1.5.2/xorriso/text_io.c:2850:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, ":");
data/libisoburn-1.5.2/xorriso/text_io.c:2854:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) > 17)
data/libisoburn-1.5.2/xorriso/text_io.c:2855:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, ":");
data/libisoburn-1.5.2/xorriso/text_io.c:2859:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) > 17)
data/libisoburn-1.5.2/xorriso/text_io.c:2860:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, ":");
data/libisoburn-1.5.2/xorriso/text_io.c:2864:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) > 17)
data/libisoburn-1.5.2/xorriso/text_io.c:2865:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, ":");
data/libisoburn-1.5.2/xorriso/text_io.c:2870:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2900:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2969:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "default ");
data/libisoburn-1.5.2/xorriso/text_io.c:2971:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%d ", xorriso->cache_num_tiles);
data/libisoburn-1.5.2/xorriso/text_io.c:2973:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "default\n");
data/libisoburn-1.5.2/xorriso/text_io.c:2975:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%d\n", xorriso->cache_tile_blocks);
data/libisoburn-1.5.2/xorriso/text_io.c:3077:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Xorriso__format_guid(xorriso->iso_gpt_type_guid, line + strlen(line), 0);
data/libisoburn-1.5.2/xorriso/text_io.c:3078:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3080:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "default\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3082:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "0x%-2.2x\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3094:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%-2.2x",
data/libisoburn-1.5.2/xorriso/text_io.c:3096:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3136:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line), "%-2.2X",
data/libisoburn-1.5.2/xorriso/text_io.c:3138:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3158:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line + strlen(line),"%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3168:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(line+strlen(line), xorriso->split_size, 0);
data/libisoburn-1.5.2/xorriso/text_io.c:3170:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(line+strlen(line), xorriso->split_size / (1024*1024), 0);
data/libisoburn-1.5.2/xorriso/text_io.c:3171:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "m");
data/libisoburn-1.5.2/xorriso/text_io.c:3173:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3415:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode+strlen(mode), ":limit=%d", xorriso->follow_link_limit);
data/libisoburn-1.5.2/xorriso/text_io.c:3485:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":min_percent=%d", xorriso->min_buffer_percent);
data/libisoburn-1.5.2/xorriso/text_io.c:3486:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":max_percent=%d", xorriso->max_buffer_percent);
data/libisoburn-1.5.2/xorriso/text_io.c:3488:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":timeout_sec=%d", xorriso->buffer_timeout_sec);
data/libisoburn-1.5.2/xorriso/text_io.c:3490:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":min_usec=%d", xorriso->min_buffer_usec);
data/libisoburn-1.5.2/xorriso/text_io.c:3492:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":max_usec=%d", xorriso->max_buffer_usec);
data/libisoburn-1.5.2/xorriso/text_io.c:3513:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3531:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(line+strlen(line), (off_t) (xorriso->stdio_sync * 2048),
data/libisoburn-1.5.2/xorriso/text_io.c:3534:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Sfile_off_t_text(line+strlen(line), (off_t) (xorriso->stdio_sync / 512), 0);
data/libisoburn-1.5.2/xorriso/text_io.c:3535:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "m");
data/libisoburn-1.5.2/xorriso/text_io.c:3537:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3631:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line+strlen(line),"''\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3633:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line+strlen(line),"%s\n", xorriso->image_start_value);
data/libisoburn-1.5.2/xorriso/text_io.c:3635:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line+strlen(line),"%s\n",
data/libisoburn-1.5.2/xorriso/text_io.c:3741:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3764:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/text_io.c:3766:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3778:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3785:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, " ");
data/libisoburn-1.5.2/xorriso/text_io.c:3787:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:3960:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
byte_text+strlen(byte_text), 7, 1e5, 0);
data/libisoburn-1.5.2/xorriso/text_io.c:3961:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(byte_text, ")");
data/libisoburn-1.5.2/xorriso/text_io.c:3983:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:3986:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:3989:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text + strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:4020:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %s %.1fx%s",
data/libisoburn-1.5.2/xorriso/text_io.c:4025:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/text_io.c:4104:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4152:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(pline);
data/libisoburn-1.5.2/xorriso/text_io.c:4157:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pline, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4177:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret= Sfile_bsl_encoder(&text, pargv[i], strlen(pargv[i]), 4);
data/libisoburn-1.5.2/xorriso/text_io.c:4185:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xorriso->result_line, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4239:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(pline);
data/libisoburn-1.5.2/xorriso/text_io.c:4244:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pline, "\n");
data/libisoburn-1.5.2/xorriso/text_io.c:4599:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_needed= strlen(line) + 8 + sizeof(struct Xorriso_lsT);
data/libisoburn-1.5.2/xorriso/text_io.c:4720:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
w= strlen(out_text);
data/libisoburn-1.5.2/xorriso/text_io.c:4723:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(in_text);
data/libisoburn-1.5.2/xorriso/text_io.c:4742:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offst= strlen(xorriso->info_text);
data/libisoburn-1.5.2/xorriso/text_io.c:4748:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xorriso->info_text + offst, text, maxl + 1);
data/libisoburn-1.5.2/xorriso/text_io.c:4749:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text) > maxl) {
data/libisoburn-1.5.2/xorriso/write_run.c:805:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(path);
data/libisoburn-1.5.2/xorriso/write_run.c:1217:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_lengths[0]= strlen(out_cs);
data/libisoburn-1.5.2/xorriso/write_run.c:1228:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(image!=NULL && 12+strlen(Xorriso_timestamP)<80) {
data/libisoburn-1.5.2/xorriso/write_run.c:1232:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i= strlen(img_id)-1; i>=0 && img_id[i]==' '; i--);
data/libisoburn-1.5.2/xorriso/write_run.c:1327:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_length= strlen(timestamp);
data/libisoburn-1.5.2/xorriso/write_run.c:1570:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100002);
data/libisoburn-1.5.2/xorriso/write_run.c:1633:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1637:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), " [buf %3d%%]",
data/libisoburn-1.5.2/xorriso/write_run.c:1641:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %4.1fx.",
data/libisoburn-1.5.2/xorriso/write_run.c:1687:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1708:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:1713:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text), " %5.1fx%s ",
data/libisoburn-1.5.2/xorriso/write_run.c:1734:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((unsigned long) (100000.0 * xorriso->pacifier_interval));
data/libisoburn-1.5.2/xorriso/write_run.c:1848:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/libisoburn-1.5.2/xorriso/write_run.c:1860:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/libisoburn-1.5.2/xorriso/write_run.c:2018:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/libisoburn-1.5.2/xorriso/write_run.c:2030:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/libisoburn-1.5.2/xorriso/write_run.c:2378:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:2391:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xorriso->info_text+strlen(xorriso->info_text),
data/libisoburn-1.5.2/xorriso/write_run.c:2484:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(cpt);
data/libisoburn-1.5.2/xorriso/write_run.c:2724:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":iso_9660_level=%d", xorriso->iso_level);
data/libisoburn-1.5.2/xorriso/write_run.c:2769:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":untranslated_name_len=%d",
data/libisoburn-1.5.2/xorriso/write_run.c:2772:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":iso_9660_1999");
data/libisoburn-1.5.2/xorriso/write_run.c:2774:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mode + strlen(mode), ":old_empty");
data/libisoburn-1.5.2/xorriso/write_run.c:2934:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret= read(job->data_to_fd, head_buffer, 64 * 1024);
data/libisoburn-1.5.2/xorriso/write_run.c:3145:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text) == 36) {
data/libisoburn-1.5.2/xorriso/write_run.c:3170:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(text) == 32) {
ANALYSIS SUMMARY:
Hits = 3656
Lines analyzed = 69818 in approximately 2.51 seconds (27843 lines/second)
Physical Source Lines of Code (SLOC) = 52945
Hits@level = [0] 232 [1] 935 [2] 1856 [3] 4 [4] 854 [5] 7
Hits@level+ = [0+] 3888 [1+] 3656 [2+] 2721 [3+] 865 [4+] 861 [5+] 7
Hits/KSLOC@level+ = [0+] 73.4347 [1+] 69.0528 [2+] 51.393 [3+] 16.3377 [4+] 16.2622 [5+] 0.132213
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.