Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libpqxx-6.4.5/config/sample-headers/compiler/VisualStudio2013/pqxx/config-internal-compiler.h
Examining data/libpqxx-6.4.5/config/sample-headers/compiler/VisualStudio2013/pqxx/config-public-compiler.h
Examining data/libpqxx-6.4.5/config/sample-headers/compiler/gcc-7.2/pqxx/config-internal-compiler.h
Examining data/libpqxx-6.4.5/config/sample-headers/compiler/gcc-7.2/pqxx/config-public-compiler.h
Examining data/libpqxx-6.4.5/src/array.cxx
Examining data/libpqxx-6.4.5/src/binarystring.cxx
Examining data/libpqxx-6.4.5/src/connection.cxx
Examining data/libpqxx-6.4.5/src/connection_base.cxx
Examining data/libpqxx-6.4.5/src/cursor.cxx
Examining data/libpqxx-6.4.5/src/dbtransaction.cxx
Examining data/libpqxx-6.4.5/src/encodings.cxx
Examining data/libpqxx-6.4.5/src/errorhandler.cxx
Examining data/libpqxx-6.4.5/src/except.cxx
Examining data/libpqxx-6.4.5/src/field.cxx
Examining data/libpqxx-6.4.5/src/largeobject.cxx
Examining data/libpqxx-6.4.5/src/nontransaction.cxx
Examining data/libpqxx-6.4.5/src/notification.cxx
Examining data/libpqxx-6.4.5/src/pipeline.cxx
Examining data/libpqxx-6.4.5/src/prepared_statement.cxx
Examining data/libpqxx-6.4.5/src/result.cxx
Examining data/libpqxx-6.4.5/src/robusttransaction.cxx
Examining data/libpqxx-6.4.5/src/row.cxx
Examining data/libpqxx-6.4.5/src/sql_cursor.cxx
Examining data/libpqxx-6.4.5/src/statement_parameters.cxx
Examining data/libpqxx-6.4.5/src/strconv.cxx
Examining data/libpqxx-6.4.5/src/stream_base.cxx
Examining data/libpqxx-6.4.5/src/stream_from.cxx
Examining data/libpqxx-6.4.5/src/stream_to.cxx
Examining data/libpqxx-6.4.5/src/subtransaction.cxx
Examining data/libpqxx-6.4.5/src/tablereader.cxx
Examining data/libpqxx-6.4.5/src/tablestream.cxx
Examining data/libpqxx-6.4.5/src/tablewriter.cxx
Examining data/libpqxx-6.4.5/src/transaction.cxx
Examining data/libpqxx-6.4.5/src/transaction_base.cxx
Examining data/libpqxx-6.4.5/src/util.cxx
Examining data/libpqxx-6.4.5/src/version.cxx
Examining data/libpqxx-6.4.5/test/runner.cxx
Examining data/libpqxx-6.4.5/test/test00.cxx
Examining data/libpqxx-6.4.5/test/test01.cxx
Examining data/libpqxx-6.4.5/test/test02.cxx
Examining data/libpqxx-6.4.5/test/test04.cxx
Examining data/libpqxx-6.4.5/test/test07.cxx
Examining data/libpqxx-6.4.5/test/test10.cxx
Examining data/libpqxx-6.4.5/test/test11.cxx
Examining data/libpqxx-6.4.5/test/test12.cxx
Examining data/libpqxx-6.4.5/test/test13.cxx
Examining data/libpqxx-6.4.5/test/test14.cxx
Examining data/libpqxx-6.4.5/test/test15.cxx
Examining data/libpqxx-6.4.5/test/test16.cxx
Examining data/libpqxx-6.4.5/test/test17.cxx
Examining data/libpqxx-6.4.5/test/test18.cxx
Examining data/libpqxx-6.4.5/test/test20.cxx
Examining data/libpqxx-6.4.5/test/test21.cxx
Examining data/libpqxx-6.4.5/test/test23.cxx
Examining data/libpqxx-6.4.5/test/test26.cxx
Examining data/libpqxx-6.4.5/test/test29.cxx
Examining data/libpqxx-6.4.5/test/test30.cxx
Examining data/libpqxx-6.4.5/test/test31.cxx
Examining data/libpqxx-6.4.5/test/test32.cxx
Examining data/libpqxx-6.4.5/test/test33.cxx
Examining data/libpqxx-6.4.5/test/test34.cxx
Examining data/libpqxx-6.4.5/test/test35.cxx
Examining data/libpqxx-6.4.5/test/test36.cxx
Examining data/libpqxx-6.4.5/test/test37.cxx
Examining data/libpqxx-6.4.5/test/test39.cxx
Examining data/libpqxx-6.4.5/test/test46.cxx
Examining data/libpqxx-6.4.5/test/test48.cxx
Examining data/libpqxx-6.4.5/test/test49.cxx
Examining data/libpqxx-6.4.5/test/test50.cxx
Examining data/libpqxx-6.4.5/test/test51.cxx
Examining data/libpqxx-6.4.5/test/test52.cxx
Examining data/libpqxx-6.4.5/test/test53.cxx
Examining data/libpqxx-6.4.5/test/test54.cxx
Examining data/libpqxx-6.4.5/test/test55.cxx
Examining data/libpqxx-6.4.5/test/test56.cxx
Examining data/libpqxx-6.4.5/test/test57.cxx
Examining data/libpqxx-6.4.5/test/test58.cxx
Examining data/libpqxx-6.4.5/test/test59.cxx
Examining data/libpqxx-6.4.5/test/test60.cxx
Examining data/libpqxx-6.4.5/test/test61.cxx
Examining data/libpqxx-6.4.5/test/test62.cxx
Examining data/libpqxx-6.4.5/test/test63.cxx
Examining data/libpqxx-6.4.5/test/test64.cxx
Examining data/libpqxx-6.4.5/test/test65.cxx
Examining data/libpqxx-6.4.5/test/test66.cxx
Examining data/libpqxx-6.4.5/test/test67.cxx
Examining data/libpqxx-6.4.5/test/test69.cxx
Examining data/libpqxx-6.4.5/test/test70.cxx
Examining data/libpqxx-6.4.5/test/test71.cxx
Examining data/libpqxx-6.4.5/test/test72.cxx
Examining data/libpqxx-6.4.5/test/test73.cxx
Examining data/libpqxx-6.4.5/test/test74.cxx
Examining data/libpqxx-6.4.5/test/test75.cxx
Examining data/libpqxx-6.4.5/test/test76.cxx
Examining data/libpqxx-6.4.5/test/test77.cxx
Examining data/libpqxx-6.4.5/test/test78.cxx
Examining data/libpqxx-6.4.5/test/test79.cxx
Examining data/libpqxx-6.4.5/test/test82.cxx
Examining data/libpqxx-6.4.5/test/test84.cxx
Examining data/libpqxx-6.4.5/test/test86.cxx
Examining data/libpqxx-6.4.5/test/test87.cxx
Examining data/libpqxx-6.4.5/test/test88.cxx
Examining data/libpqxx-6.4.5/test/test89.cxx
Examining data/libpqxx-6.4.5/test/test90.cxx
Examining data/libpqxx-6.4.5/test/test92.cxx
Examining data/libpqxx-6.4.5/test/test93.cxx
Examining data/libpqxx-6.4.5/test/unit/runner.cxx
Examining data/libpqxx-6.4.5/test/unit/test_array.cxx
Examining data/libpqxx-6.4.5/test/unit/test_binarystring.cxx
Examining data/libpqxx-6.4.5/test/unit/test_cancel_query.cxx
Examining data/libpqxx-6.4.5/test/unit/test_cursor.cxx
Examining data/libpqxx-6.4.5/test/unit/test_encodings.cxx
Examining data/libpqxx-6.4.5/test/unit/test_error_verbosity.cxx
Examining data/libpqxx-6.4.5/test/unit/test_errorhandler.cxx
Examining data/libpqxx-6.4.5/test/unit/test_escape.cxx
Examining data/libpqxx-6.4.5/test/unit/test_exceptions.cxx
Examining data/libpqxx-6.4.5/test/unit/test_float.cxx
Examining data/libpqxx-6.4.5/test/unit/test_notification.cxx
Examining data/libpqxx-6.4.5/test/unit/test_parameterized.cxx
Examining data/libpqxx-6.4.5/test/unit/test_pipeline.cxx
Examining data/libpqxx-6.4.5/test/unit/test_prepared_statement.cxx
Examining data/libpqxx-6.4.5/test/unit/test_read_transaction.cxx
Examining data/libpqxx-6.4.5/test/unit/test_result_iteration.cxx
Examining data/libpqxx-6.4.5/test/unit/test_result_slicing.cxx
Examining data/libpqxx-6.4.5/test/unit/test_row.cxx
Examining data/libpqxx-6.4.5/test/unit/test_simultaneous_transactions.cxx
Examining data/libpqxx-6.4.5/test/unit/test_sql_cursor.cxx
Examining data/libpqxx-6.4.5/test/unit/test_stateless_cursor.cxx
Examining data/libpqxx-6.4.5/test/unit/test_stream_from.cxx
Examining data/libpqxx-6.4.5/test/unit/test_stream_to.cxx
Examining data/libpqxx-6.4.5/test/unit/test_string_conversion.cxx
Examining data/libpqxx-6.4.5/test/unit/test_subtransaction.cxx
Examining data/libpqxx-6.4.5/test/unit/test_test_helpers.cxx
Examining data/libpqxx-6.4.5/test/unit/test_thread_safety_model.cxx
Examining data/libpqxx-6.4.5/test/unit/test_transaction_base.cxx
Examining data/libpqxx-6.4.5/test/unit/test_transactor.cxx
Examining data/libpqxx-6.4.5/tools/pqxxthreadsafety.cxx
Examining data/libpqxx-6.4.5/tools/rmlo.cxx
Examining data/libpqxx-6.4.5/win32/libpqxx.cxx
FINAL RESULTS:
data/libpqxx-6.4.5/src/connection_base.cxx:391:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&buf[bytes], separator);
data/libpqxx-6.4.5/src/connection_base.cxx:402:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&buf[bytes], &"\n"[buf[bytes-1]=='\n']);
data/libpqxx-6.4.5/src/binarystring.cxx:39:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<char *>(output), data, len);
data/libpqxx-6.4.5/src/connection_base.cxx:388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1007];
data/libpqxx-6.4.5/src/connection_base.cxx:395:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &msg[written], bytes);
data/libpqxx-6.4.5/src/connection_base.cxx:400:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &msg[written], bytes);
data/libpqxx-6.4.5/src/connection_base.cxx:517:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_errbuf[500];
data/libpqxx-6.4.5/src/largeobject.cxx:153:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(mode);
data/libpqxx-6.4.5/src/largeobject.cxx:164:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(mode);
data/libpqxx-6.4.5/src/largeobject.cxx:175:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(mode);
data/libpqxx-6.4.5/src/largeobject.cxx:186:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(mode);
data/libpqxx-6.4.5/src/largeobject.cxx:275:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void pqxx::largeobjectaccess::open(openmode mode)
data/libpqxx-6.4.5/src/result.cxx:296:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return RowsStr[0] ? size_type(atoi(RowsStr)) : 0;
data/libpqxx-6.4.5/src/strconv.cxx:144:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size_buffer<T>()];
data/libpqxx-6.4.5/src/strconv.cxx:418:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4*sizeof(T)+1];
data/libpqxx-6.4.5/test/test50.cxx:66:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[200];
data/libpqxx-6.4.5/test/test51.cxx:27:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[200];
data/libpqxx-6.4.5/test/test53.cxx:31:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[200];
data/libpqxx-6.4.5/test/test55.cxx:22:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[200];
data/libpqxx-6.4.5/test/test58.cxx:26:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buf[200];
data/libpqxx-6.4.5/src/array.cxx:233:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m_end(input == nullptr ? 0 : std::strlen(input)),
data/libpqxx-6.4.5/src/connection_base.cxx:372:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto len = strlen(msg);
data/libpqxx-6.4.5/src/connection_base.cxx:1116:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return this->esc(str, strlen(str));
data/libpqxx-6.4.5/src/largeobject.cxx:260:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pqxx::largeobjectaccess::read(char Buf[], size_type Len)
data/libpqxx-6.4.5/src/result.cxx:141:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
inline bool equal(const char lhs[], const char rhs[])
data/libpqxx-6.4.5/src/result.cxx:171:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"23001")) throw restrict_violation{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:172:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"23502")) throw not_null_violation{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:173:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"23503"))
data/libpqxx-6.4.5/src/result.cxx:175:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"23505")) throw unique_violation{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:176:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"23514")) throw check_violation{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:195:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "40000")) throw transaction_rollback{Err};
data/libpqxx-6.4.5/src/result.cxx:196:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "40001")) throw serialization_failure{Err};
data/libpqxx-6.4.5/src/result.cxx:197:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "40003")) throw statement_completion_unknown{Err};
data/libpqxx-6.4.5/src/result.cxx:198:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "40P01")) throw deadlock_detected{Err};
data/libpqxx-6.4.5/src/result.cxx:201:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"42501")) throw insufficient_privilege{Err, Query};
data/libpqxx-6.4.5/src/result.cxx:202:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"42601"))
data/libpqxx-6.4.5/src/result.cxx:204:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"42703")) throw undefined_column{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:205:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"42883")) throw undefined_function{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:206:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"42P01")) throw undefined_table{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:213:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"53100")) throw disk_full{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:214:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"53200")) throw out_of_memory{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:215:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code,"53300")) throw too_many_connections{Err};
data/libpqxx-6.4.5/src/result.cxx:221:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "P0001")) throw plpgsql_raise{Err, Query, code};
data/libpqxx-6.4.5/src/result.cxx:222:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "P0002"))
data/libpqxx-6.4.5/src/result.cxx:224:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal(code, "P0003"))
data/libpqxx-6.4.5/src/strconv.cxx:47:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
inline bool equal(const char lhs[], const char rhs[])
data/libpqxx-6.4.5/src/strconv.cxx:317:2: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal("infinity", str) or
data/libpqxx-6.4.5/src/strconv.cxx:318:2: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal("Infinity", str) or
data/libpqxx-6.4.5/src/strconv.cxx:319:2: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal("INFINITY", str) or
data/libpqxx-6.4.5/src/strconv.cxx:320:2: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal("inf", str);
data/libpqxx-6.4.5/src/strconv.cxx:680:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
(not equal(Str+1, "alse")) and
data/libpqxx-6.4.5/src/strconv.cxx:681:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
(not equal(Str+1, "ALSE")));
data/libpqxx-6.4.5/src/strconv.cxx:703:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
(not equal(Str+1, "rue")) and
data/libpqxx-6.4.5/src/strconv.cxx:704:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
(not equal(Str+1, "RUE")));
data/libpqxx-6.4.5/test/test11.cxx:69:2: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(R[0][c].c_str()),
data/libpqxx-6.4.5/test/test30.cxx:76:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::strlen(R[0][c].c_str()),
data/libpqxx-6.4.5/test/test50.cxx:88:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PQXX_CHECK(size_t(A.read(Buf, Size)) <= Size, "Got too many bytes.");
data/libpqxx-6.4.5/test/test51.cxx:34:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t(A.read(Buf, Size)),
data/libpqxx-6.4.5/test/test51.cxx:53:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t(A.read(Buf, Size)),
data/libpqxx-6.4.5/test/test53.cxx:34:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto len = O.read(Buf, sizeof(Buf)-1);
data/libpqxx-6.4.5/test/test55.cxx:26:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto len = A.read(Buf, sizeof(Buf)-1);
data/libpqxx-6.4.5/test/test58.cxx:29:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
A.read(Buf, Size),
data/libpqxx-6.4.5/test/test58.cxx:50:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
A.read(&Check, 1),
data/libpqxx-6.4.5/test/test58.cxx:64:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
A.read(&Check, 1),
data/libpqxx-6.4.5/test/test62.cxx:28:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(TestStr.c_str()));
data/libpqxx-6.4.5/test/test92.cxx:21:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PQXX_CHECK(data.size() > strlen(databuf), "Unknown data length problem.");
ANALYSIS SUMMARY:
Hits = 66
Lines analyzed = 17353 in approximately 0.59 seconds (29323 lines/second)
Physical Source Lines of Code (SLOC) = 12644
Hits@level = [0] 0 [1] 46 [2] 18 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 66 [1+] 66 [2+] 20 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 5.21987 [1+] 5.21987 [2+] 1.58178 [3+] 0.158178 [4+] 0.158178 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.