Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libpqtypes-1.5.1/src/misc.c Examining data/libpqtypes-1.5.1/src/error.c Examining data/libpqtypes-1.5.1/src/array.c Examining data/libpqtypes-1.5.1/src/exec.c Examining data/libpqtypes-1.5.1/src/geo.c Examining data/libpqtypes-1.5.1/src/param.c Examining data/libpqtypes-1.5.1/src/libpqtypes.h Examining data/libpqtypes-1.5.1/src/utils.c Examining data/libpqtypes-1.5.1/src/events.c Examining data/libpqtypes-1.5.1/src/numerics.c Examining data/libpqtypes-1.5.1/src/varlena.c Examining data/libpqtypes-1.5.1/src/datetime.c Examining data/libpqtypes-1.5.1/src/network.c Examining data/libpqtypes-1.5.1/src/libpqtypes-int.h Examining data/libpqtypes-1.5.1/src/port.c Examining data/libpqtypes-1.5.1/src/record.c Examining data/libpqtypes-1.5.1/src/getaddrinfo.h Examining data/libpqtypes-1.5.1/src/spec.c Examining data/libpqtypes-1.5.1/src/handler.c Examining data/libpqtypes-1.5.1/src/regression-test.c FINAL RESULTS: data/libpqtypes-1.5.1/src/libpqtypes-int.h:154:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. # undef sscanf data/libpqtypes-1.5.1/src/libpqtypes-int.h:156:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. # define sscanf sscanf_s data/libpqtypes-1.5.1/src/port.c:46:6: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. n = vsnprintf(buf, size, format, ap); data/libpqtypes-1.5.1/src/port.c:49:6: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. n = vsprintf(buf, format, ap); data/libpqtypes-1.5.1/src/regression-test.c:974:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(timestamptzval.time.tzabbr, tzn); data/libpqtypes-1.5.1/src/array.c:108:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, arr->param->vals[i].data, arr->param->vals[i].datal); data/libpqtypes-1.5.1/src/datetime.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[8]; data/libpqtypes-1.5.1/src/datetime.c:197:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[8]; data/libpqtypes-1.5.1/src/datetime.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[8]; data/libpqtypes-1.5.1/src/datetime.c:366:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tsbuf[8]; data/libpqtypes-1.5.1/src/datetime.c:474:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tvalbuf[8]; data/libpqtypes-1.5.1/src/datetime.c:740:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[7]; data/libpqtypes-1.5.1/src/datetime.c:779:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[3]; data/libpqtypes-1.5.1/src/datetime.c:833:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(time->tzabbr, timestr, p - timestr); data/libpqtypes-1.5.1/src/datetime.c:935:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[7]; data/libpqtypes-1.5.1/src/datetime.c:940:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). interval->usecs = atoi(buf); data/libpqtypes-1.5.1/src/datetime.c:1697:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char empty_string[1] = {0}; data/libpqtypes-1.5.1/src/datetime.c:1701:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. return (char *) _tzmap[i].abbr; data/libpqtypes-1.5.1/src/error.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024 + 8192]; data/libpqtypes-1.5.1/src/error.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char severity[16]; data/libpqtypes-1.5.1/src/error.c:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sqlstate[16]; data/libpqtypes-1.5.1/src/error.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message_primary[2048]; data/libpqtypes-1.5.1/src/error.c:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message_detail[1024]; data/libpqtypes-1.5.1/src/error.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message_hint[512]; data/libpqtypes-1.5.1/src/error.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stmt_position[16]; data/libpqtypes-1.5.1/src/error.c:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char internal_position[16]; data/libpqtypes-1.5.1/src/error.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char internal_query[2048]; data/libpqtypes-1.5.1/src/error.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char context[2048]; data/libpqtypes-1.5.1/src/error.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_file[256]; data/libpqtypes-1.5.1/src/error.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_line[16]; data/libpqtypes-1.5.1/src/error.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_function[80]; data/libpqtypes-1.5.1/src/error.c:120:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char _empty[1] = {0}; data/libpqtypes-1.5.1/src/error.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fqtn[200]; data/libpqtypes-1.5.1/src/events.c:103:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&destData->fmtinfo, &srcData->fmtinfo, sizeof(PGtypeFormatInfo)); data/libpqtypes-1.5.1/src/exec.c:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stackbuffer[PARAM_STACKSIZE]; \ data/libpqtypes-1.5.1/src/exec.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[200]; data/libpqtypes-1.5.1/src/exec.c:352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; /* could be larger these days but be conservative */ data/libpqtypes-1.5.1/src/getaddrinfo.h:87:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss_pad[128]; /* ensures struct has desired size */ data/libpqtypes-1.5.1/src/handler.c:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typname[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typschema[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:439:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h, handlers, hcnt * sizeof(PGtypeHandler)); data/libpqtypes-1.5.1/src/handler.c:472:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h[i].attDescs, handlers[i].attDescs, data/libpqtypes-1.5.1/src/handler.c:671:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_typschema[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:672:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_typname[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:673:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_typschema[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:674:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_typname[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:675:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_fqtn[200]; data/libpqtypes-1.5.1/src/handler.c:676:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_fqtn[200]; data/libpqtypes-1.5.1/src/handler.c:877:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typname[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/handler.c:878:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typschema[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/libpqtypes-int.h:209:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buffer, &_v, sizeof(short)); \ data/libpqtypes-1.5.1/src/libpqtypes-int.h:214:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buffer, &_v, sizeof(int)); \ data/libpqtypes-1.5.1/src/libpqtypes.h:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datestyle[48]; data/libpqtypes-1.5.1/src/libpqtypes.h:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attname[65]; data/libpqtypes-1.5.1/src/libpqtypes.h:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typschema[65]; data/libpqtypes-1.5.1/src/libpqtypes.h:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typname[65]; data/libpqtypes-1.5.1/src/libpqtypes.h:228:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sa_buf[128]; data/libpqtypes-1.5.1/src/libpqtypes.h:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzabbr[16]; data/libpqtypes-1.5.1/src/misc.c:78:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/libpqtypes-1.5.1/src/misc.c:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/libpqtypes-1.5.1/src/misc.c:148:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*uuid, buf, p - buf); data/libpqtypes-1.5.1/src/network.c:55:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, &sa->sin_addr, 4); data/libpqtypes-1.5.1/src/network.c:66:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, &sa->sin6_addr, 16); data/libpqtypes-1.5.1/src/network.c:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipstr[80]; data/libpqtypes-1.5.1/src/network.c:99:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). inet->mask = atoi(p+1); data/libpqtypes-1.5.1/src/network.c:139:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(inet->sa_buf, ai->ai_addr, inet->sa_buf_len); data/libpqtypes-1.5.1/src/network.c:168:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sa->sin_addr, value + 1, *value); data/libpqtypes-1.5.1/src/network.c:178:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sa->sin6_addr, value + 1, *value); data/libpqtypes-1.5.1/src/numerics.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/libpqtypes-1.5.1/src/numerics.c:315:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*str, buf, len); data/libpqtypes-1.5.1/src/param.c:137:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&new_param->fmtinfo, ¶m->fmtinfo, sizeof(PGtypeFormatInfo)); data/libpqtypes-1.5.1/src/param.c:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char args_outbuf[4096]; data/libpqtypes-1.5.1/src/param.c:438:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->ptr, data, datal); data/libpqtypes-1.5.1/src/param.c:467:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_out, args->put.out, args->put.outl); data/libpqtypes-1.5.1/src/port.c:382:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZ]; data/libpqtypes-1.5.1/src/port.c:407:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(sin.sin_addr), hp->h_addr, hp->h_length); data/libpqtypes-1.5.1/src/port.c:419:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sin.sin_port = htons((unsigned short) atoi(service)); data/libpqtypes-1.5.1/src/port.c:436:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(psin, &sin, sizeof(*psin)); data/libpqtypes-1.5.1/src/record.c:94:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, param->vals[i].data, param->vals[i].datal); data/libpqtypes-1.5.1/src/regression-test.c:234:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[4]; data/libpqtypes-1.5.1/src/regression-test.c:338:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stmt[4096]; data/libpqtypes-1.5.1/src/regression-test.c:512:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf((char *) buf, "text_%03d", i+1); data/libpqtypes-1.5.1/src/regression-test.c:602:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf((char *) buf, "text_%03d", i+1); data/libpqtypes-1.5.1/src/regression-test.c:976:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(timetzval[0].tzabbr, "GMT-0800"); data/libpqtypes-1.5.1/src/regression-test.c:977:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(timetzval[1].tzabbr, "GMT+0200"); data/libpqtypes-1.5.1/src/regression-test.c:978:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(timetzval[2].tzabbr, "GMT-0300"); data/libpqtypes-1.5.1/src/regression-test.c:1184:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ipv4.sa_buf, info->ai_addr, ipv4.sa_buf_len); data/libpqtypes-1.5.1/src/regression-test.c:1209:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ipv6.sa_buf, info->ai_addr, ipv6.sa_buf_len); data/libpqtypes-1.5.1/src/spec.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/libpqtypes-1.5.1/src/spec.c:262:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typname[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/spec.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schema[PQT_MAXIDLEN + 1]; data/libpqtypes-1.5.1/src/spec.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[200]; data/libpqtypes-1.5.1/src/spec.c:278:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stmtBuf + *stmtPos, format, n); data/libpqtypes-1.5.1/src/spec.c:330:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stmtBuf + *stmtPos, tmp, n); data/libpqtypes-1.5.1/src/spec.c:427:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(news->idlist, s->idlist, s->idcnt * sizeof(int)); data/libpqtypes-1.5.1/src/spec.c:436:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(news->flags, s->flags, s->idcnt * sizeof(char)); data/libpqtypes-1.5.1/src/spec.c:493:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(schema, start, len); data/libpqtypes-1.5.1/src/spec.c:507:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(typname, start, len); data/libpqtypes-1.5.1/src/utils.c:82:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&n, buffer, 2); data/libpqtypes-1.5.1/src/utils.c:90:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&n, buffer, 4); data/libpqtypes-1.5.1/src/utils.c:103:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&in, inp, 8); data/libpqtypes-1.5.1/src/utils.c:122:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outp, out, 8); data/libpqtypes-1.5.1/src/utils.c:163:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, src_len); data/libpqtypes-1.5.1/src/varlena.c:76:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bytea->data, value, len); data/libpqtypes-1.5.1/src/datetime.c:831:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = timestr + strlen(timestr); data/libpqtypes-1.5.1/src/error.c:264:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curlen = (int) strlen(err->msg); data/libpqtypes-1.5.1/src/exec.c:377:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). stmt_len = strlen(cmdspec) + 1; data/libpqtypes-1.5.1/src/handler.c:373:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = attrs + strlen(attrs); /* last attr, point at NUL */ data/libpqtypes-1.5.1/src/numerics.c:310:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf)+1; data/libpqtypes-1.5.1/src/numerics.c:506:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). decdigits = (unsigned char *) malloc(strlen(cp) + DEC_DIGITS * 2); data/libpqtypes-1.5.1/src/regression-test.c:362:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = (int)strlen(put); data/libpqtypes-1.5.1/src/spec.c:128:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). stmtBufLen = strlen(format) + 1; data/libpqtypes-1.5.1/src/utils.c:157:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t src_len = strlen(src); data/libpqtypes-1.5.1/src/varlena.c:20:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return args->put.out ? (int)strlen(args->put.out)+1 : 0; data/libpqtypes-1.5.1/src/varlena.c:28:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return args->put.out ? (int)strlen(args->put.out) : 0; ANALYSIS SUMMARY: Hits = 115 Lines analyzed = 10425 in approximately 0.31 seconds (33651 lines/second) Physical Source Lines of Code (SLOC) = 7604 Hits@level = [0] 89 [1] 11 [2] 99 [3] 0 [4] 5 [5] 0 Hits@level+ = [0+] 204 [1+] 115 [2+] 104 [3+] 5 [4+] 5 [5+] 0 Hits/KSLOC@level+ = [0+] 26.828 [1+] 15.1236 [2+] 13.677 [3+] 0.657549 [4+] 0.657549 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.