Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libmspack-0.10.1/test/md5.h Examining data/libmspack-0.10.1/test/cabd_md5.c Examining data/libmspack-0.10.1/test/cabd_test.c Examining data/libmspack-0.10.1/test/chmd_test.c Examining data/libmspack-0.10.1/test/chmd_md5.c Examining data/libmspack-0.10.1/test/chminfo.c Examining data/libmspack-0.10.1/test/chmd_order.c Examining data/libmspack-0.10.1/test/md5_fh.h Examining data/libmspack-0.10.1/test/md5.c Examining data/libmspack-0.10.1/test/error.h Examining data/libmspack-0.10.1/test/chmd_find.c Examining data/libmspack-0.10.1/test/kwajd_test.c Examining data/libmspack-0.10.1/mspack/kwajd.c Examining data/libmspack-0.10.1/mspack/lzxc.c Examining data/libmspack-0.10.1/mspack/chm.h Examining data/libmspack-0.10.1/mspack/mszip.h Examining data/libmspack-0.10.1/mspack/qtmd.c Examining data/libmspack-0.10.1/mspack/system.h Examining data/libmspack-0.10.1/mspack/cab.h Examining data/libmspack-0.10.1/mspack/lzss.h Examining data/libmspack-0.10.1/mspack/litd.c Examining data/libmspack-0.10.1/mspack/lzx.h Examining data/libmspack-0.10.1/mspack/szddc.c Examining data/libmspack-0.10.1/mspack/szddd.c Examining data/libmspack-0.10.1/mspack/readbits.h Examining data/libmspack-0.10.1/mspack/lzssd.c Examining data/libmspack-0.10.1/mspack/hlp.h Examining data/libmspack-0.10.1/mspack/sha.h Examining data/libmspack-0.10.1/mspack/kwajc.c Examining data/libmspack-0.10.1/mspack/system.c Examining data/libmspack-0.10.1/mspack/qtm.h Examining data/libmspack-0.10.1/mspack/mszipc.c Examining data/libmspack-0.10.1/mspack/mspack.h Examining data/libmspack-0.10.1/mspack/chmc.c Examining data/libmspack-0.10.1/mspack/chmd.c Examining data/libmspack-0.10.1/mspack/hlpd.c Examining data/libmspack-0.10.1/mspack/oabc.c Examining data/libmspack-0.10.1/mspack/szdd.h Examining data/libmspack-0.10.1/mspack/cabc.c Examining data/libmspack-0.10.1/mspack/des.h Examining data/libmspack-0.10.1/mspack/mszipd.c Examining data/libmspack-0.10.1/mspack/oab.h Examining data/libmspack-0.10.1/mspack/lit.h Examining data/libmspack-0.10.1/mspack/readhuff.h Examining data/libmspack-0.10.1/mspack/hlpc.c Examining data/libmspack-0.10.1/mspack/crc32.h Examining data/libmspack-0.10.1/mspack/cabd.c Examining data/libmspack-0.10.1/mspack/crc32.c Examining data/libmspack-0.10.1/mspack/kwaj.h Examining data/libmspack-0.10.1/mspack/oabd.c Examining data/libmspack-0.10.1/mspack/lzxd.c Examining data/libmspack-0.10.1/mspack/litc.c Examining data/libmspack-0.10.1/examples/multifh.c Examining data/libmspack-0.10.1/examples/msexpand.c Examining data/libmspack-0.10.1/examples/cabrip.c Examining data/libmspack-0.10.1/examples/cabd_memory.c Examining data/libmspack-0.10.1/examples/oabextract.c Examining data/libmspack-0.10.1/examples/chmextract.c FINAL RESULTS: data/libmspack-0.10.1/examples/chmextract.c:57:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out, (*fname) ? fname : "x"); data/libmspack-0.10.1/examples/multifh.c:70:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, format, ap); data/libmspack-0.10.1/mspack/cab.h:89:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/cab.h:115:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/cabd.c:175:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:201:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:240:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:600:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:649:37: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:824:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:1020:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/cabd.c:1219:37: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chm.h:98:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/chm.h:117:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/chmd.c:107:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:158:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:203:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:551:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:629:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:898:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:1039:37: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:1162:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:1236:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:1279:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/chmd.c:1316:37: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/hlp.h:21:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/hlp.h:29:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/kwaj.h:27:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/kwaj.h:37:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/kwajd.c:83:43: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/kwajd.c:102:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/kwajd.c:135:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!self || !self->system) return; data/libmspack-0.10.1/mspack/kwajd.c:263:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/lit.h:23:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/lit.h:31:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/lzss.h:56:50: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern int lzss_decompress(struct mspack_system *system, data/libmspack-0.10.1/mspack/lzssd.c:37:43: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int lzss_decompress(struct mspack_system *system, data/libmspack-0.10.1/mspack/lzssd.c:48:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system || input_buffer_size < 1 || (mode != LZSS_MODE_EXPAND && data/libmspack-0.10.1/mspack/lzssd.c:55:46: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. window = (unsigned char *) system->alloc(system, LZSS_WINDOW_SIZE + input_buffer_size); data/libmspack-0.10.1/mspack/lzx.h:147:60: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern struct lzxd_stream *lzxd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/lzx.h:176:58: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system, data/libmspack-0.10.1/mspack/lzxd.c:279:53: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct lzxd_stream *lzxd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/lzxd.c:291:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system) return NULL; data/libmspack-0.10.1/mspack/lzxd.c:313:52: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!(lzx = (struct lzxd_stream *) system->alloc(system, sizeof(struct lzxd_stream)))) { data/libmspack-0.10.1/mspack/lzxd.c:318:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lzx->window = (unsigned char *) system->alloc(system, (size_t) window_size); data/libmspack-0.10.1/mspack/lzxd.c:319:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lzx->inbuf = (unsigned char *) system->alloc(system, (size_t) input_buffer_size); data/libmspack-0.10.1/mspack/lzxd.c:328:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lzx->sys = system; data/libmspack-0.10.1/mspack/lzxd.c:355:51: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system, data/libmspack-0.10.1/mspack/lzxd.c:373:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (length > 0 && (!system || !input)) { data/libmspack-0.10.1/mspack/mszip.h:85:64: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern struct mszipd_stream *mszipd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/mszipd.c:342:57: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mszipd_stream *mszipd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/mszipd.c:350:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system) return NULL; data/libmspack-0.10.1/mspack/mszipd.c:357:54: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!(zip = (struct mszipd_stream *) system->alloc(system, sizeof(struct mszipd_stream)))) { data/libmspack-0.10.1/mspack/mszipd.c:362:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. zip->inbuf = (unsigned char *) system->alloc(system, (size_t) input_buffer_size); data/libmspack-0.10.1/mspack/mszipd.c:369:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. zip->sys = system; data/libmspack-0.10.1/mspack/oab.h:21:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/oab.h:29:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/oabd.c:63:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/oabd.c:120:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/oabd.c:253:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/qtm.h:92:60: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern struct qtmd_stream *qtmd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/qtmd.c:186:53: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct qtmd_stream *qtmd_init(struct mspack_system *system, data/libmspack-0.10.1/mspack/qtmd.c:195:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system) return NULL; data/libmspack-0.10.1/mspack/qtmd.c:205:52: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!(qtm = (struct qtmd_stream *) system->alloc(system, sizeof(struct qtmd_stream)))) { data/libmspack-0.10.1/mspack/qtmd.c:210:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. qtm->window = (unsigned char *) system->alloc(system, (size_t) window_size); data/libmspack-0.10.1/mspack/qtmd.c:211:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. qtm->inbuf = (unsigned char *) system->alloc(system, (size_t) input_buffer_size); data/libmspack-0.10.1/mspack/qtmd.c:220:22: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. qtm->sys = system; data/libmspack-0.10.1/mspack/system.c:71:46: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int mspack_sys_filelen(struct mspack_system *system, data/libmspack-0.10.1/mspack/system.c:76:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system || !file || !length) return MSPACK_ERR_OPEN; data/libmspack-0.10.1/mspack/system.c:200:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, format, ap); data/libmspack-0.10.1/mspack/system.h:48:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf x ; fputc('\n', stdout); fflush(stdout);} while (0); data/libmspack-0.10.1/mspack/system.h:102:53: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. extern int mspack_sys_filelen(struct mspack_system *system, data/libmspack-0.10.1/mspack/szdd.h:22:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/szdd.h:30:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *system; data/libmspack-0.10.1/mspack/szddd.c:69:43: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. struct mspack_system *sys = self->system; data/libmspack-0.10.1/mspack/szddd.c:88:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/mspack/szddd.c:121:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!self || !self->system) return; data/libmspack-0.10.1/mspack/szddd.c:191:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. sys = self->system; data/libmspack-0.10.1/test/cabd_md5.c:49:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&cab[len], cabname); data/libmspack-0.10.1/test/cabd_md5.c:59:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cab, entry->d_name); data/libmspack-0.10.1/test/md5_fh.h:105:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, format, ap); data/libmspack-0.10.1/examples/cabd_memory.c:35:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bytes); data/libmspack-0.10.1/examples/cabd_memory.c:147:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((cab = cabd->open(cabd, (char *) &source))) { data/libmspack-0.10.1/examples/cabrip.c:16:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUF_SIZE]; data/libmspack-0.10.1/examples/cabrip.c:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[13]; data/libmspack-0.10.1/examples/cabrip.c:32:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(in = fopen(fname, "rb"))) { data/libmspack-0.10.1/examples/cabrip.c:36:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(out = fopen(outname, "wb"))) { data/libmspack-0.10.1/examples/chmextract.c:92:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((chm = chmd->open(chmd, *argv))) { data/libmspack-0.10.1/examples/multifh.c:60:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bytes); data/libmspack-0.10.1/examples/multifh.c:122:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh->x.fh = fopen(fn->x.diskfile, fmode); data/libmspack-0.10.1/examples/multifh.c:400:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((cab = cabd->open(cabd, mem_cab))) { data/libmspack-0.10.1/mspack/cab.h:109:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char input[CAB_INPUTBUF]; /* one input block of data */ data/libmspack-0.10.1/mspack/cabd.c:203:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ))) { data/libmspack-0.10.1/mspack/cabd.c:316:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/libmspack-0.10.1/mspack/cabd.c:541:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], *str; data/libmspack-0.10.1/mspack/cabd.c:610:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ))) { data/libmspack-0.10.1/mspack/cabd.c:1086:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). self->d->infh = sys->open(sys, fol->data.cab->base.filename, data/libmspack-0.10.1/mspack/cabd.c:1113:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fh = sys->open(sys, filename, MSPACK_SYS_OPEN_WRITE))) { data/libmspack-0.10.1/mspack/cabd.c:1300:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hdr[cfdata_SIZEOF]; data/libmspack-0.10.1/mspack/cabd.c:1379:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(d->infh = sys->open(sys, d->incab->base.filename, data/libmspack-0.10.1/mspack/chmd.c:160:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ))) { data/libmspack-0.10.1/mspack/chmd.c:243:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char guids[32] = { data/libmspack-0.10.1/mspack/chmd.c:266:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[0x54], *chunk = NULL, *name, *p, *end; data/libmspack-0.10.1/mspack/chmd.c:556:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fh = sys->open(sys, chm->filename, MSPACK_SYS_OPEN_READ))) { data/libmspack-0.10.1/mspack/chmd.c:921:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). self->d->infh = sys->open(sys, chm->filename, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/chmd.c:926:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fh = sys->open(sys, filename, MSPACK_SYS_OPEN_WRITE))) { data/libmspack-0.10.1/mspack/chmd.c:947:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[512]; data/libmspack-0.10.1/mspack/kwaj.h:97:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char MATCHLEN1_len [KWAJ_MATCHLEN1_SYMS]; data/libmspack-0.10.1/mspack/kwaj.h:98:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char MATCHLEN2_len [KWAJ_MATCHLEN2_SYMS]; data/libmspack-0.10.1/mspack/kwaj.h:99:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char LITLEN_len [KWAJ_LITLEN_SYMS]; data/libmspack-0.10.1/mspack/kwaj.h:100:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char OFFSET_len [KWAJ_OFFSET_SYMS]; data/libmspack-0.10.1/mspack/kwaj.h:101:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char LITERAL_len [KWAJ_LITERAL_SYMS]; data/libmspack-0.10.1/mspack/kwaj.h:111:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char inbuf[KWAJ_INPUT_SIZE]; data/libmspack-0.10.1/mspack/kwaj.h:114:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char window[LZSS_WINDOW_SIZE]; data/libmspack-0.10.1/mspack/kwajd.c:104:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/kwajd.c:155:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[16]; data/libmspack-0.10.1/mspack/kwajd.c:272:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(outfh = sys->open(sys, filename, MSPACK_SYS_OPEN_WRITE))) { data/libmspack-0.10.1/mspack/lzx.h:85:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char PRETREE_len [LZX_PRETREE_MAXSYMBOLS + LZX_LENTABLE_SAFETY]; data/libmspack-0.10.1/mspack/lzx.h:86:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char MAINTREE_len [LZX_MAINTREE_MAXSYMBOLS + LZX_LENTABLE_SAFETY]; data/libmspack-0.10.1/mspack/lzx.h:87:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char LENGTH_len [LZX_LENGTH_MAXSYMBOLS + LZX_LENTABLE_SAFETY]; data/libmspack-0.10.1/mspack/lzx.h:88:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ALIGNED_len [LZX_ALIGNED_MAXSYMBOLS + LZX_LENTABLE_SAFETY]; data/libmspack-0.10.1/mspack/lzx.h:102:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char e8_buf[LZX_FRAME_SIZE]; data/libmspack-0.10.1/mspack/lzxd.c:217:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char extra_bits[36] = { data/libmspack-0.10.1/mspack/lzxd.c:403:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *window, *runsrc, *rundest, buf[12]; data/libmspack-0.10.1/mspack/mspack.h:310:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct mspack_file * (*open)(struct mspack_system *self, data/libmspack-0.10.1/mspack/mspack.h:978:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct mscabd_cabinet * (*open) (struct mscab_decompressor *self, data/libmspack-0.10.1/mspack/mspack.h:1598:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct mschmd_header *(*open)(struct mschm_decompressor *self, data/libmspack-0.10.1/mspack/mspack.h:1896:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct msszddd_header *(*open)(struct msszdd_decompressor *self, data/libmspack-0.10.1/mspack/mspack.h:2176:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). struct mskwajd_header *(*open)(struct mskwaj_decompressor *self, data/libmspack-0.10.1/mspack/mszip.h:62:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char LITERAL_len[MSZIP_LITERAL_MAXSYMBOLS]; data/libmspack-0.10.1/mspack/mszip.h:63:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char DISTANCE_len[MSZIP_DISTANCE_MAXSYMBOLS]; data/libmspack-0.10.1/mspack/mszip.h:70:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char window[MSZIP_FRAME_SIZE]; data/libmspack-0.10.1/mspack/mszipd.c:59:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char lit_extrabits[29] = { data/libmspack-0.10.1/mspack/mszipd.c:65:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char dist_extrabits[30] = { data/libmspack-0.10.1/mspack/mszipd.c:71:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char bitlen_order[19] = { data/libmspack-0.10.1/mspack/mszipd.c:99:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char bl_len[19]; data/libmspack-0.10.1/mspack/mszipd.c:101:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char lens[MSZIP_LITERAL_MAXSYMBOLS + MSZIP_DISTANCE_MAXSYMBOLS]; data/libmspack-0.10.1/mspack/mszipd.c:177:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char lens_buf[4]; data/libmspack-0.10.1/mspack/oabd.c:111:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hdrbuf[oabhead_SIZEOF]; data/libmspack-0.10.1/mspack/oabd.c:122:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infh = sys->open(sys, input, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/oabd.c:142:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfh = sys->open(sys, output, MSPACK_SYS_OPEN_WRITE); data/libmspack-0.10.1/mspack/oabd.c:244:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hdrbuf[patchhead_SIZEOF]; data/libmspack-0.10.1/mspack/oabd.c:255:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infh = sys->open(sys, input, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/oabd.c:279:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). basefh = sys->open(sys, base, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/oabd.c:285:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfh = sys->open(sys, output, MSPACK_SYS_OPEN_WRITE); data/libmspack-0.10.1/mspack/qtmd.c:71:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char extra_bits[42] = { data/libmspack-0.10.1/mspack/qtmd.c:75:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char length_base[27] = { data/libmspack-0.10.1/mspack/qtmd.c:79:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char length_extra[27] = { data/libmspack-0.10.1/mspack/system.c:64:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return (sys != NULL) && (sys->open != NULL) && (sys->close != NULL) && data/libmspack-0.10.1/mspack/system.c:137:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh->fh = fopen(filename, fmode))) return (struct mspack_file *) fh; data/libmspack-0.10.1/mspack/system.c:235:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bytes); data/libmspack-0.10.1/mspack/system.h:84:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define __egi32(a,n) (((unsigned int) ((unsigned char *)(a))[n+3] << 24) | \ data/libmspack-0.10.1/mspack/system.h:85:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[n+2] << 16) | \ data/libmspack-0.10.1/mspack/system.h:86:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[n+1] << 8) | \ data/libmspack-0.10.1/mspack/system.h:87:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[n])) data/libmspack-0.10.1/mspack/system.h:93:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define EndGetM32(a) (((unsigned int) ((unsigned char *)(a))[0] << 24) | \ data/libmspack-0.10.1/mspack/system.h:94:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[1] << 16) | \ data/libmspack-0.10.1/mspack/system.h:95:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[2] << 8) | \ data/libmspack-0.10.1/mspack/system.h:96:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((unsigned int) ((unsigned char *)(a))[3])) data/libmspack-0.10.1/mspack/szddd.c:90:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ); data/libmspack-0.10.1/mspack/szddd.c:137:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char szdd_signature_expand[8] = { data/libmspack-0.10.1/mspack/szddd.c:140:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char szdd_signature_qbasic[8] = { data/libmspack-0.10.1/mspack/szddd.c:148:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[8]; data/libmspack-0.10.1/mspack/szddd.c:202:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(outfh = sys->open(sys, filename, MSPACK_SYS_OPEN_WRITE))) { data/libmspack-0.10.1/test/cabd_md5.c:44:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (tail) memcpy(cab, origcab, (size_t) len); data/libmspack-0.10.1/test/cabd_md5.c:100:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(cab = cabd->open(cabd, cabname))) { data/libmspack-0.10.1/test/cabd_md5.c:112:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(c2 = cabd->open(cabd, newname))) { data/libmspack-0.10.1/test/cabd_md5.c:131:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(c2 = cabd->open(cabd, newname))) { data/libmspack-0.10.1/test/cabd_test.c:29:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, "!!!FILE_WHICH_DOES_NOT_EXIST")); data/libmspack-0.10.1/test/cabd_test.c:44:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, TESTFILE("normal_2files_1folder.cab"))); data/libmspack-0.10.1/test/cabd_test.c:102:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, files[i])); data/libmspack-0.10.1/test/cabd_test.c:119:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, TESTFILE("bad_signature.cab"))); data/libmspack-0.10.1/test/cabd_test.c:123:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, TESTFILE("bad_nofolders.cab"))); data/libmspack-0.10.1/test/cabd_test.c:126:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, TESTFILE("bad_nofiles.cab"))); data/libmspack-0.10.1/test/cabd_test.c:129:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, TESTFILE("bad_folderindex.cab"))); data/libmspack-0.10.1/test/cabd_test.c:132:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, TESTFILE("filename-read-violation-1.cab"))); data/libmspack-0.10.1/test/cabd_test.c:171:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, files[i])); data/libmspack-0.10.1/test/cabd_test.c:176:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!cabd->open(cabd, str_files[i])); data/libmspack-0.10.1/test/cabd_test.c:182:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, TESTFILE("partial_nodata.cab"))); data/libmspack-0.10.1/test/cabd_test.c:193:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, TESTFILE("normal_255c_filename.cab"))); data/libmspack-0.10.1/test/cabd_test.c:262:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab1 = cabd->open(cabd, TESTFILE("multi_basic_pt1.cab"))); data/libmspack-0.10.1/test/cabd_test.c:263:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab2 = cabd->open(cabd, TESTFILE("multi_basic_pt2.cab"))); data/libmspack-0.10.1/test/cabd_test.c:290:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab[0] = cabd->open(cabd, TESTFILE("multi_basic_pt1.cab"))); data/libmspack-0.10.1/test/cabd_test.c:291:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab[1] = cabd->open(cabd, TESTFILE("multi_basic_pt2.cab"))); data/libmspack-0.10.1/test/cabd_test.c:292:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab[2] = cabd->open(cabd, TESTFILE("multi_basic_pt3.cab"))); data/libmspack-0.10.1/test/cabd_test.c:293:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab[3] = cabd->open(cabd, TESTFILE("multi_basic_pt4.cab"))); data/libmspack-0.10.1/test/cabd_test.c:294:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab[4] = cabd->open(cabd, TESTFILE("multi_basic_pt5.cab"))); data/libmspack-0.10.1/test/cabd_test.c:343:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, files[i])); data/libmspack-0.10.1/test/cabd_test.c:366:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(cab = cabd->open(cabd, TESTFILE("cve-2014-9732-folders-segfault.cab"))); data/libmspack-0.10.1/test/cabd_test.c:386:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cab = cabd->open(cabd, TESTFILE("mszip_lzx_qtm.cab")); data/libmspack-0.10.1/test/cabd_test.c:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_md5s[4][33]; data/libmspack-0.10.1/test/cabd_test.c:414:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cab = cabd->open(cabd, TESTFILE("normal_2files_2folders.cab")); data/libmspack-0.10.1/test/cabd_test.c:422:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(file_md5s[i], md5_string, 33); data/libmspack-0.10.1/test/chmd_find.c:77:35: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((chm2 = chmd->open(chmd, argv[1]))) { data/libmspack-0.10.1/test/chmd_md5.c:36:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((chm = chmd->open(chmd, *argv))) { data/libmspack-0.10.1/test/chmd_order.c:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ordered[32], sorted[32], fast_find[32], mixed[32]; data/libmspack-0.10.1/test/chmd_order.c:47:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((chm = chmd->open(chmd, *argv))) { data/libmspack-0.10.1/test/chmd_order.c:63:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&f[i].ordered[0], md5_string, 32); data/libmspack-0.10.1/test/chmd_order.c:77:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&f[i].sorted[0], md5_string, 32); data/libmspack-0.10.1/test/chmd_order.c:102:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&f[i].fast_find[0], md5_string, 32); data/libmspack-0.10.1/test/chmd_order.c:114:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&f[i].mixed[0], md5_string, 32); data/libmspack-0.10.1/test/chmd_test.c:35:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!chmd->open(chmd, files[i])); data/libmspack-0.10.1/test/chmd_test.c:52:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(chm = chmd->open(chmd, files[i])); data/libmspack-0.10.1/test/chmd_test.c:78:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(chm1 = chmd->open(chmd, files[i])); data/libmspack-0.10.1/test/chmd_test.c:113:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(chm = chmd->open(chmd, TESTFILE("cve-2015-4467-reset-interval-zero.chm.xor"))); data/libmspack-0.10.1/test/chminfo.c:31:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh = fopen(FILENAME, "rb"))) { data/libmspack-0.10.1/test/chminfo.c:44:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char result[43]; data/libmspack-0.10.1/test/chminfo.c:65:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dir[0x54], *chunk; data/libmspack-0.10.1/test/chminfo.c:71:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh = fopen(filename, "rb"))) { data/libmspack-0.10.1/test/chminfo.c:201:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((chm = chmd->open(chmd, *argv))) { data/libmspack-0.10.1/test/error.h:4:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[32]; data/libmspack-0.10.1/test/kwajd_test.c:30:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(hdr = kwajd->open(kwajd, TESTFILE("f00.kwj"))); data/libmspack-0.10.1/test/kwajd_test.c:35:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(hdr = kwajd->open(kwajd, testfile)); \ data/libmspack-0.10.1/test/kwajd_test.c:40:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TEST(!kwajd->open(kwajd, testfile)); \ data/libmspack-0.10.1/test/md5.c:65:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; data/libmspack-0.10.1/test/md5.c:116:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&ctx->buffer[bytes], fillbuf, pad); data/libmspack-0.10.1/test/md5.c:136:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BLOCKSIZE + 72]; data/libmspack-0.10.1/test/md5.c:225:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&ctx->buffer[left_over], buffer, add); data/libmspack-0.10.1/test/md5.c:234:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], data/libmspack-0.10.1/test/md5.c:256:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ctx->buffer, buffer, 64); data/libmspack-0.10.1/test/md5.c:275:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&ctx->buffer[left_over], buffer, len); data/libmspack-0.10.1/test/md5.c:281:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ctx->buffer, &ctx->buffer[64], left_over); data/libmspack-0.10.1/test/md5.h:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/libmspack-0.10.1/test/md5_fh.h:13:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_string[33]; data/libmspack-0.10.1/test/md5_fh.h:31:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fh->fh = fopen(filename, "rb"))) data/libmspack-0.10.1/test/md5_fh.h:45:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5[16]; data/libmspack-0.10.1/test/md5_fh.h:117:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bytes); data/libmspack-0.10.1/examples/chmextract.c:53:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((out = malloc(strlen(fname) + 1))) { data/libmspack-0.10.1/examples/chmextract.c:84:16: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). user_umask = umask(0); umask(user_umask); data/libmspack-0.10.1/examples/chmextract.c:84:26: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). user_umask = umask(0); umask(user_umask); data/libmspack-0.10.1/mspack/cabd.c:334:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], cfhead_SIZEOF) != cfhead_SIZEOF) { data/libmspack-0.10.1/mspack/cabd.c:371:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], cfheadext_SIZEOF) != cfheadext_SIZEOF) { data/libmspack-0.10.1/mspack/cabd.c:413:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], cffold_SIZEOF) != cffold_SIZEOF) { data/libmspack-0.10.1/mspack/cabd.c:443:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], cffile_SIZEOF) != cffile_SIZEOF) { data/libmspack-0.10.1/mspack/cabd.c:545:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((len = sys->read(fh, &buf[0], 256)) <= 0) { data/libmspack-0.10.1/mspack/cabd.c:672:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], (int) length) != (int) length) { data/libmspack-0.10.1/mspack/cabd.c:1309:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(d->infh, &hdr[0], cfdata_SIZEOF) != cfdata_SIZEOF) { data/libmspack-0.10.1/mspack/cabd.c:1339:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(d->infh, d->i_end, len) != len) { data/libmspack-0.10.1/mspack/cabd.c:1453:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (s->sys->read(s->i, &s->buf[0], run) != run) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/chmd.c:285:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], chmhead_SIZEOF) != chmhead_SIZEOF) { data/libmspack-0.10.1/mspack/chmd.c:308:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], chmhst3_SIZEOF) != chmhst3_SIZEOF) { data/libmspack-0.10.1/mspack/chmd.c:328:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], chmhs0_SIZEOF) != chmhs0_SIZEOF) { data/libmspack-0.10.1/mspack/chmd.c:341:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], chmhs1_SIZEOF) != chmhs1_SIZEOF) { data/libmspack-0.10.1/mspack/chmd.c:430:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, chunk, (int)chm->chunk_size) != (int)chm->chunk_size) { data/libmspack-0.10.1/mspack/chmd.c:662:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, buf, (int)chm->chunk_size) != (int)chm->chunk_size) { data/libmspack-0.10.1/mspack/chmd.c:702:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fname_len = strlen(filename); data/libmspack-0.10.1/mspack/chmd.c:952:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(self->d->infh, &buf[0], run) != run) { data/libmspack-0.10.1/mspack/chmd.c:1338:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(self->d->infh, data, len) != len) { data/libmspack-0.10.1/mspack/kwajd.c:159:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], kwajh_SIZEOF) != kwajh_SIZEOF) { data/libmspack-0.10.1/mspack/kwajd.c:183:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], 4) != 4) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:189:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], 2) != 2) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:194:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], 2) != 2) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:209:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((len = sys->read(fh, &buf[0], 9)) < 2) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:223:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((len = sys->read(fh, &buf[0], 4)) < 2) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:237:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, &buf[0], 2) != 2) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:241:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, hdr->extra, i) != i) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:285:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read, i; data/libmspack-0.10.1/mspack/kwajd.c:286:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((read = sys->read(fh, buf, KWAJ_INPUT_SIZE)) > 0) { data/libmspack-0.10.1/mspack/kwajd.c:288:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (i = 0; i < read; i++) buf[i] ^= 0xFF; data/libmspack-0.10.1/mspack/kwajd.c:290:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->write(outfh, buf, read) != read) { data/libmspack-0.10.1/mspack/kwajd.c:290:53: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->write(outfh, buf, read) != read) { data/libmspack-0.10.1/mspack/kwajd.c:295:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read < 0) self->error = MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:546:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/libmspack-0.10.1/mspack/kwajd.c:553:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read = lzh->sys->read(lzh->input, &lzh->inbuf[0], KWAJ_INPUT_SIZE); data/libmspack-0.10.1/mspack/kwajd.c:554:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read < 0) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/kwajd.c:564:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lzh->i_end = &lzh->inbuf[read]; data/libmspack-0.10.1/mspack/lzssd.c:19:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read = system->read(input, &inbuf[0], \ data/libmspack-0.10.1/mspack/lzssd.c:21:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read <= 0) { \ data/libmspack-0.10.1/mspack/lzssd.c:23:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return (read < 0) ? MSPACK_ERR_READ \ data/libmspack-0.10.1/mspack/lzssd.c:26:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i_ptr = &inbuf[0]; i_end = &inbuf[read]; \ data/libmspack-0.10.1/mspack/lzssd.c:45:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/libmspack-0.10.1/mspack/lzxd.c:382:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int bytes = system->read(input, pos, length); data/libmspack-0.10.1/mspack/mspack.h:336:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int (*read)(struct mspack_file *file, data/libmspack-0.10.1/mspack/oabd.c:84:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = file->orig_sys->read(file->orig_file, buf, size); data/libmspack-0.10.1/mspack/oabd.c:128:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(infh, hdrbuf, oabhead_SIZEOF) != oabhead_SIZEOF) { data/libmspack-0.10.1/mspack/oabd.c:167:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(infh, buf, oabblk_SIZEOF) != oabblk_SIZEOF) { data/libmspack-0.10.1/mspack/oabd.c:261:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(infh, hdrbuf, patchhead_SIZEOF) != patchhead_SIZEOF) { data/libmspack-0.10.1/mspack/oabd.c:310:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(infh, buf, patchblk_SIZEOF) != patchblk_SIZEOF) { data/libmspack-0.10.1/mspack/oabd.c:384:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(infh, buf, run) != run) { data/libmspack-0.10.1/mspack/readbits.h:184:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read = p->sys->read(p->input, &p->inbuf[0], (int)p->inbuf_size); data/libmspack-0.10.1/mspack/readbits.h:185:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read < 0) return p->error = MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/readbits.h:203:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). p->i_end = &p->inbuf[read]; data/libmspack-0.10.1/mspack/system.c:65:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (sys->read != NULL) && (sys->write != NULL) && (sys->seek != NULL) && data/libmspack-0.10.1/mspack/system.h:30:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #ifdef read data/libmspack-0.10.1/mspack/system.h:31:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # undef read data/libmspack-0.10.1/mspack/szddd.c:151:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, buf, 8) != 8) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/szddd.c:158:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, buf, 6) != 6) return MSPACK_ERR_READ; data/libmspack-0.10.1/mspack/szddd.c:166:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sys->read(fh, buf, 4) != 4) return MSPACK_ERR_READ; data/libmspack-0.10.1/test/cabd_md5.c:41:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(cab = (char *) malloc((tail ? len : 2) + strlen(cabname) + 1))) return NULL; data/libmspack-0.10.1/test/chmd_test.c:95:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read > 0) { data/libmspack-0.10.1/test/chmd_test.c:96:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char *p = (char *) buffer, *end = &p[read]; data/libmspack-0.10.1/test/chmd_test.c:99:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read; ANALYSIS SUMMARY: Hits = 292 Lines analyzed = 13851 in approximately 0.49 seconds (28341 lines/second) Physical Source Lines of Code (SLOC) = 8083 Hits@level = [0] 142 [1] 65 [2] 146 [3] 0 [4] 81 [5] 0 Hits@level+ = [0+] 434 [1+] 292 [2+] 227 [3+] 81 [4+] 81 [5+] 0 Hits/KSLOC@level+ = [0+] 53.6929 [1+] 36.1252 [2+] 28.0836 [3+] 10.021 [4+] 10.021 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.