Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libsigrok-0.5.2/bindings/cxx/classes.cpp
Examining data/libsigrok-0.5.2/bindings/cxx/ConfigKey_methods.hpp
Examining data/libsigrok-0.5.2/bindings/cxx/ConfigKey_methods.cpp
Examining data/libsigrok-0.5.2/bindings/cxx/QuantityFlag_methods.cpp
Examining data/libsigrok-0.5.2/bindings/cxx/include/libsigrokcxx/libsigrokcxx.hpp
Examining data/libsigrok-0.5.2/bindings/cxx/QuantityFlag_methods.hpp
Examining data/libsigrok-0.5.2/include/libsigrok/libsigrok.h
Examining data/libsigrok-0.5.2/include/libsigrok/proto.h
Examining data/libsigrok-0.5.2/src/std.c
Examining data/libsigrok-0.5.2/src/serial_libsp.c
Examining data/libsigrok-0.5.2/src/output/output.c
Examining data/libsigrok-0.5.2/src/output/csv.c
Examining data/libsigrok-0.5.2/src/output/vcd.c
Examining data/libsigrok-0.5.2/src/output/wavedrom.c
Examining data/libsigrok-0.5.2/src/output/srzip.c
Examining data/libsigrok-0.5.2/src/output/wav.c
Examining data/libsigrok-0.5.2/src/output/hex.c
Examining data/libsigrok-0.5.2/src/output/ols.c
Examining data/libsigrok-0.5.2/src/output/ascii.c
Examining data/libsigrok-0.5.2/src/output/binary.c
Examining data/libsigrok-0.5.2/src/output/chronovu_la8.c
Examining data/libsigrok-0.5.2/src/output/null.c
Examining data/libsigrok-0.5.2/src/output/analog.c
Examining data/libsigrok-0.5.2/src/output/bits.c
Examining data/libsigrok-0.5.2/src/error.c
Examining data/libsigrok-0.5.2/src/scale/kern.c
Examining data/libsigrok-0.5.2/src/driver_list_start.c
Examining data/libsigrok-0.5.2/src/scpi/vxi.h
Examining data/libsigrok-0.5.2/src/scpi/scpi_usbtmc_libusb.c
Examining data/libsigrok-0.5.2/src/scpi/scpi_tcp.c
Examining data/libsigrok-0.5.2/src/scpi/vxi_xdr.c
Examining data/libsigrok-0.5.2/src/scpi/scpi_visa.c
Examining data/libsigrok-0.5.2/src/scpi/scpi.c
Examining data/libsigrok-0.5.2/src/scpi/scpi_vxi.c
Examining data/libsigrok-0.5.2/src/scpi/scpi_libgpib.c
Examining data/libsigrok-0.5.2/src/scpi/scpi_serial.c
Examining data/libsigrok-0.5.2/src/scpi/vxi_clnt.c
Examining data/libsigrok-0.5.2/src/serial_hid.c
Examining data/libsigrok-0.5.2/src/driver_list_stop.c
Examining data/libsigrok-0.5.2/src/trigger.c
Examining data/libsigrok-0.5.2/src/serial.c
Examining data/libsigrok-0.5.2/src/strutil.c
Examining data/libsigrok-0.5.2/src/bt/bt_bluez.c
Examining data/libsigrok-0.5.2/src/session.c
Examining data/libsigrok-0.5.2/src/libsigrok-internal.h
Examining data/libsigrok-0.5.2/src/resource.c
Examining data/libsigrok-0.5.2/src/serial_hid_victor.c
Examining data/libsigrok-0.5.2/src/conversion.c
Examining data/libsigrok-0.5.2/src/scpi.h
Examining data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/api.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c
Examining data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/api.c
Examining data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/api.c
Examining data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/pipistrello-ols/api.c
Examining data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/api.c
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/baylibre-acme/api.c
Examining data/libsigrok-0.5.2/src/hardware/baylibre-acme/gpio.c
Examining data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/baylibre-acme/gpio.h
Examining data/libsigrok-0.5.2/src/hardware/hp-3478a/api.c
Examining data/libsigrok-0.5.2/src/hardware/hp-3478a/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hp-3478a/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/api.c
Examining data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/kern-scale/api.c
Examining data/libsigrok-0.5.2/src/hardware/kern-scale/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/kern-scale/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/asix-sigma/api.c
Examining data/libsigrok-0.5.2/src/hardware/asix-sigma/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/asix-sigma/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c
Examining data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/testo/api.c
Examining data/libsigrok-0.5.2/src/hardware/testo/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/testo/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/rohde-schwarz-sme-0x/api.c
Examining data/libsigrok-0.5.2/src/hardware/rohde-schwarz-sme-0x/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/rohde-schwarz-sme-0x/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/rigol-ds/api.c
Examining data/libsigrok-0.5.2/src/hardware/rigol-ds/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/rigol-ds/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/api.c
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/rdtech-dps/api.c
Examining data/libsigrok-0.5.2/src/hardware/rdtech-dps/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/rdtech-dps/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/api.c
Examining data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol_wrappers.c
Examining data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol_wrappers.h
Examining data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/fluke-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/fluke-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/fluke-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/fx2lafw/api.c
Examining data/libsigrok-0.5.2/src/hardware/fx2lafw/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/fx2lafw/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/mic-985xx/api.c
Examining data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/serial-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/serial-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/serial-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/conrad-digi-35-cpu/api.c
Examining data/libsigrok-0.5.2/src/hardware/conrad-digi-35-cpu/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/conrad-digi-35-cpu/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/uni-t-ut32x/api.c
Examining data/libsigrok-0.5.2/src/hardware/uni-t-ut32x/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/uni-t-ut32x/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/teleinfo/api.c
Examining data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/zketech-ebd-usb/api.c
Examining data/libsigrok-0.5.2/src/hardware/zketech-ebd-usb/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/zketech-ebd-usb/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/pce-322a/api.c
Examining data/libsigrok-0.5.2/src/hardware/pce-322a/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/pce-322a/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/lascar-el-usb/api.c
Examining data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/agilent-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/scpi-pps/profiles.c
Examining data/libsigrok-0.5.2/src/hardware/scpi-pps/api.c
Examining data/libsigrok-0.5.2/src/hardware/scpi-pps/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/scpi-pps/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hung-chang-dso-2100/api.c
Examining data/libsigrok-0.5.2/src/hardware/hung-chang-dso-2100/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hung-chang-dso-2100/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/colead-slm/api.c
Examining data/libsigrok-0.5.2/src/hardware/colead-slm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/colead-slm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hantek-4032l/api.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-4032l/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-4032l/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/fluke-45/api.c
Examining data/libsigrok-0.5.2/src/hardware/fluke-45/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/fluke-45/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/api.c
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic.h
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_native.c
Examining data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c
Examining data/libsigrok-0.5.2/src/hardware/norma-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/norma-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/norma-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/demo/api.c
Examining data/libsigrok-0.5.2/src/hardware/demo/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/demo/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hp-3457a/api.c
Examining data/libsigrok-0.5.2/src/hardware/hp-3457a/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hp-3457a/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/ftdi-la/api.c
Examining data/libsigrok-0.5.2/src/hardware/ftdi-la/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/ftdi-la/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/lecroy-xstream/api.c
Examining data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanaplus/api.c
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanaplus/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanaplus/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/brymen-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/brymen-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/brymen-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/brymen-dmm/parser.c
Examining data/libsigrok-0.5.2/src/hardware/appa-55ii/api.c
Examining data/libsigrok-0.5.2/src/hardware/appa-55ii/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/appa-55ii/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/api.c
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/chronovu-la/api.c
Examining data/libsigrok-0.5.2/src/hardware/chronovu-la/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/chronovu-la/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hantek-6xxx/api.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-6xxx/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-6xxx/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/scpi-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/scpi-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/scpi-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/api.c
Examining data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/api.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla1034.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla.h
Examining data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla1016.c
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic16/api.c
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic16/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/saleae-logic16/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/cem-dt-885x/api.c
Examining data/libsigrok-0.5.2/src/hardware/cem-dt-885x/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/cem-dt-885x/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/serial-lcr/api.c
Examining data/libsigrok-0.5.2/src/hardware/serial-lcr/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/serial-lcr/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/api.c
Examining data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/api.c
Examining data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/tondaj-sl-814/api.c
Examining data/libsigrok-0.5.2/src/hardware/tondaj-sl-814/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/tondaj-sl-814/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.h
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/api.c
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/analyzer.c
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/analyzer.h
Examining data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.c
Examining data/libsigrok-0.5.2/src/hardware/maynuo-m97/api.c
Examining data/libsigrok-0.5.2/src/hardware/maynuo-m97/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/maynuo-m97/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/siglent-sds/api.c
Examining data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/ipdbg-la/api.c
Examining data/libsigrok-0.5.2/src/hardware/ipdbg-la/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/ipdbg-la/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/gmc-mh-1x-2x/api.c
Examining data/libsigrok-0.5.2/src/hardware/gmc-mh-1x-2x/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/gmc-mh-1x-2x/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/uni-t-dmm/api.c
Examining data/libsigrok-0.5.2/src/hardware/uni-t-dmm/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/uni-t-dmm/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/hantek-dso/api.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-dso/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/hantek-dso/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/api.c
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/mastech-ms6514/api.c
Examining data/libsigrok-0.5.2/src/hardware/mastech-ms6514/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/mastech-ms6514/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c
Examining data/libsigrok-0.5.2/src/hardware/motech-lps-30x/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/motech-lps-30x/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/api.c
Examining data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/microchip-pickit2/api.c
Examining data/libsigrok-0.5.2/src/hardware/microchip-pickit2/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/microchip-pickit2/protocol.h
Examining data/libsigrok-0.5.2/src/hardware/center-3xx/api.c
Examining data/libsigrok-0.5.2/src/hardware/center-3xx/protocol.c
Examining data/libsigrok-0.5.2/src/hardware/center-3xx/protocol.h
Examining data/libsigrok-0.5.2/src/transform/transform.c
Examining data/libsigrok-0.5.2/src/transform/invert.c
Examining data/libsigrok-0.5.2/src/transform/scale.c
Examining data/libsigrok-0.5.2/src/transform/nop.c
Examining data/libsigrok-0.5.2/src/serial_hid.h
Examining data/libsigrok-0.5.2/src/dmm/ut372.c
Examining data/libsigrok-0.5.2/src/dmm/metex14.c
Examining data/libsigrok-0.5.2/src/dmm/es519xx.c
Examining data/libsigrok-0.5.2/src/dmm/vc870.c
Examining data/libsigrok-0.5.2/src/dmm/eev121gw.c
Examining data/libsigrok-0.5.2/src/dmm/fs9922.c
Examining data/libsigrok-0.5.2/src/dmm/rs9lcd.c
Examining data/libsigrok-0.5.2/src/dmm/vc96.c
Examining data/libsigrok-0.5.2/src/dmm/bm25x.c
Examining data/libsigrok-0.5.2/src/dmm/bm86x.c
Examining data/libsigrok-0.5.2/src/dmm/fs9721.c
Examining data/libsigrok-0.5.2/src/dmm/ms8250d.c
Examining data/libsigrok-0.5.2/src/dmm/m2110.c
Examining data/libsigrok-0.5.2/src/dmm/ut71x.c
Examining data/libsigrok-0.5.2/src/dmm/dtm0660.c
Examining data/libsigrok-0.5.2/src/dmm/asycii.c
Examining data/libsigrok-0.5.2/src/dmm/ms2115b.c
Examining data/libsigrok-0.5.2/src/serial_bt.c
Examining data/libsigrok-0.5.2/src/version.c
Examining data/libsigrok-0.5.2/src/serial_hid_cp2110.c
Examining data/libsigrok-0.5.2/src/drivers.c
Examining data/libsigrok-0.5.2/src/serial_hid_bu86x.c
Examining data/libsigrok-0.5.2/src/log.c
Examining data/libsigrok-0.5.2/src/hwdriver.c
Examining data/libsigrok-0.5.2/src/modbus/modbus.c
Examining data/libsigrok-0.5.2/src/modbus/modbus_serial_rtu.c
Examining data/libsigrok-0.5.2/src/session_file.c
Examining data/libsigrok-0.5.2/src/lcr/vc4080.c
Examining data/libsigrok-0.5.2/src/lcr/es51919.c
Examining data/libsigrok-0.5.2/src/sw_limits.c
Examining data/libsigrok-0.5.2/src/input/csv.c
Examining data/libsigrok-0.5.2/src/input/vcd.c
Examining data/libsigrok-0.5.2/src/input/wav.c
Examining data/libsigrok-0.5.2/src/input/input.c
Examining data/libsigrok-0.5.2/src/input/binary.c
Examining data/libsigrok-0.5.2/src/input/chronovu_la8.c
Examining data/libsigrok-0.5.2/src/input/raw_analog.c
Examining data/libsigrok-0.5.2/src/input/null.c
Examining data/libsigrok-0.5.2/src/input/logicport.c
Examining data/libsigrok-0.5.2/src/input/trace32_ad.c
Examining data/libsigrok-0.5.2/src/usb.c
Examining data/libsigrok-0.5.2/src/backend.c
Examining data/libsigrok-0.5.2/src/ezusb.c
Examining data/libsigrok-0.5.2/src/device.c
Examining data/libsigrok-0.5.2/src/soft-trigger.c
Examining data/libsigrok-0.5.2/src/serial_hid_ch9325.c
Examining data/libsigrok-0.5.2/src/analog.c
Examining data/libsigrok-0.5.2/src/session_driver.c
Examining data/libsigrok-0.5.2/src/fallback.c
Examining data/libsigrok-0.5.2/tests/trigger.c
Examining data/libsigrok-0.5.2/tests/session.c
Examining data/libsigrok-0.5.2/tests/lib.c
Examining data/libsigrok-0.5.2/tests/input_all.c
Examining data/libsigrok-0.5.2/tests/output_all.c
Examining data/libsigrok-0.5.2/tests/transform_all.c
Examining data/libsigrok-0.5.2/tests/main.c
Examining data/libsigrok-0.5.2/tests/core.c
Examining data/libsigrok-0.5.2/tests/version.c
Examining data/libsigrok-0.5.2/tests/driver_all.c
Examining data/libsigrok-0.5.2/tests/device.c
Examining data/libsigrok-0.5.2/tests/lib.h
Examining data/libsigrok-0.5.2/tests/analog.c
Examining data/libsigrok-0.5.2/tests/input_binary.c
Examining data/libsigrok-0.5.2/tests/strutil.c
FINAL RESULTS:
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:219:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf) - 3, cmd, args);
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c:96:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(NULL, 0, format, args_copy);
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c:100:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, format, args);
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c:32:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(cmdbuf, sizeof(cmdbuf), cmd, args);
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.c:34:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(cmdbuf, sizeof(cmdbuf), cmd, args);
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:126:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), auxfmt, args);
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:208:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(reply, buf);
data/libsigrok-0.5.2/src/hardware/serial-dmm/api.c:153:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ch_name, sizeof(ch_name), fmt, ch_num);
data/libsigrok-0.5.2/src/hardware/serial-lcr/api.c:166:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ch_name, sizeof(ch_name), fmt, ch_idx + 1);
data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c:95:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(optarif, data);
data/libsigrok-0.5.2/src/strutil.c:346:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vsprintf(buf, format, args);
data/libsigrok-0.5.2/src/strutil.c:385:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vsprintf(buf, format, args);
data/libsigrok-0.5.2/src/strutil.c:396:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vsprintf(buf, format, args);
data/libsigrok-0.5.2/src/strutil.c:411:8: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vsprintf(buf, format, args);
data/libsigrok-0.5.2/src/strutil.c:519:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf, buf_size, format, args);
data/libsigrok-0.5.2/src/strutil.c:558:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf, buf_size, format, args);
data/libsigrok-0.5.2/src/strutil.c:569:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf, buf_size, format, args);
data/libsigrok-0.5.2/src/strutil.c:584:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf, buf_size, format, args);
data/libsigrok-0.5.2/src/strutil.c:762:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fmt, ".%%0%d"PRIu64, i * 3);
data/libsigrok-0.5.2/src/strutil.c:763:15: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
f = fract + sprintf(fract, fmt, x % divisor[i]) - 1;
data/libsigrok-0.5.2/tests/strutil.c:38:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(s, len, format, args);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:421:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint8_t random[32] = {};
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:432:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ret = crypto_random(sdi, random);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:435:48: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sr_dbg("random: 0x%02x 0x%02x 0x%02x 0x%02x", random[0], random[1], random[2], random[3]);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:435:59: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sr_dbg("random: 0x%02x 0x%02x 0x%02x 0x%02x", random[0], random[1], random[2], random[3]);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:435:70: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sr_dbg("random: 0x%02x 0x%02x 0x%02x 0x%02x", random[0], random[1], random[2], random[3]);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:435:81: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sr_dbg("random: 0x%02x 0x%02x 0x%02x 0x%02x", random[0], random[1], random[2], random[3]);
data/libsigrok-0.5.2/bindings/cxx/classes.cpp:84:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
reader->open(res, name);
data/libsigrok-0.5.2/bindings/cxx/classes.cpp:669:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void Device::open()
data/libsigrok-0.5.2/bindings/cxx/include/libsigrokcxx/libsigrokcxx.hpp:224:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(struct sr_resource *res, std::string name) = 0;
data/libsigrok-0.5.2/bindings/cxx/include/libsigrokcxx/libsigrokcxx.hpp:396:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/libsigrok-0.5.2/src/analog.c:275:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outbuf, analog->data, count * sizeof(float));
data/libsigrok-0.5.2/src/bt/bt_bluez.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[3];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_addr[20];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_addr[20];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:629:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20];
data/libsigrok-0.5.2/src/bt/bt_bluez.c:630:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/libsigrok-0.5.2/src/device.c:812:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conn_id_usb[64];
data/libsigrok-0.5.2/src/dmm/asycii.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valstr[7 + 1];
data/libsigrok-0.5.2/src/dmm/asycii.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit[8 + 1];
data/libsigrok-0.5.2/src/dmm/bm86x.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtbuf[16], temp_unit;
data/libsigrok-0.5.2/src/dmm/eev121gw.c:309:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SR_PRIV const char *eev121gw_channel_formats[EEV121GW_DISPLAY_COUNT] = {
data/libsigrok-0.5.2/src/dmm/metex14.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valstr[7 + 1];
data/libsigrok-0.5.2/src/dmm/metex14.c:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit[4 + 1];
data/libsigrok-0.5.2/src/dmm/ms2115b.c:211:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SR_PRIV const char *ms2115b_channel_formats[MS2115B_DISPLAY_COUNT] = {
data/libsigrok-0.5.2/src/dmm/ut372.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3];
data/libsigrok-0.5.2/src/dmm/vc96.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char valstr[8 + 1];
data/libsigrok-0.5.2/src/dmm/vc96.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit[4 + 1];
data/libsigrok-0.5.2/src/ezusb.c:41:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1];
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:223:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "\r\n");
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:225:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "\n\r\n");
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.h:85:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[AGDMM_BUFSIZE];
data/libsigrok-0.5.2/src/hardware/appa-55ii/protocol.c:210:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->log_buf + devc->log_buf_len, ptr, s);
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RELOADPRO_BUFSIZE];
data/libsigrok-0.5.2/src/hardware/asix-sigma/api.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_txt[10];
data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/api.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel[10];
data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/protocol.c:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/protocol.c:31:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str + strlen(str), "%.2x ", packet[i]);
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eeprom_buf[EEPROM_SIZE];
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:638:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:662:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[64];
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:682:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDONLY);
data/libsigrok-0.5.2/src/hardware/beaglelogic/api.c:125:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (devc->beaglelogic->open(devc) != SR_OK)
data/libsigrok-0.5.2/src/hardware/beaglelogic/api.c:160:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (devc->beaglelogic->open(devc))
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic.h:96:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(struct dev_context *devc);
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_native.c:25:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devc->fd = open(BEAGLELOGIC_DEV_NODE, O_RDONLY | O_NONBLOCK);
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_native.c:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_native.c:88:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(BEAGLELOGIC_SYSFS_ATTR(lasterror), O_RDONLY)) == -1)
data/libsigrok-0.5.2/src/hardware/brymen-dmm/parser.c:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/libsigrok-0.5.2/src/hardware/cem-dt-885x/protocol.h:105:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BUF_SIZE];
data/libsigrok-0.5.2/src/hardware/chronovu-la/api.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product[64], serial_num[64], connection_id[64];
data/libsigrok-0.5.2/src/hardware/colead-slm/protocol.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/libsigrok-0.5.2/src/hardware/colead-slm/protocol.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/libsigrok-0.5.2/src/hardware/conrad-digi-35-cpu/protocol.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[5];
data/libsigrok-0.5.2/src/hardware/demo/api.c:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel_name[16];
data/libsigrok-0.5.2/src/hardware/demo/api.c:157:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(channel_name, "D%d", i);
data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/api.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manufacturer[64], product[64], serial_num[64], connection_id[64];
data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/api.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel_name[16];
data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/api.c:246:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(channel_name, "%d", j);
data/libsigrok-0.5.2/src/hardware/dreamsourcelab-dslogic/protocol.c:548:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/fluke-45/protocol.c:133:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mod = atoi(devc->response);
data/libsigrok-0.5.2/src/hardware/fluke-45/protocol.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expstr[3];
data/libsigrok-0.5.2/src/hardware/fluke-dmm/api.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *b, **tokens;
data/libsigrok-0.5.2/src/hardware/fluke-dmm/protocol.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[16], **tokens;
data/libsigrok-0.5.2/src/hardware/fluke-dmm/protocol.c:466:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
n = sprintf(cmd, "QM %d\r", devc->meas_type);
data/libsigrok-0.5.2/src/hardware/fluke-dmm/protocol.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FLUKEDMM_BUFSIZE];
data/libsigrok-0.5.2/src/hardware/fx2lafw/api.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manufacturer[64], product[64], serial_num[64], connection_id[64];
data/libsigrok-0.5.2/src/hardware/fx2lafw/api.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel_name[16];
data/libsigrok-0.5.2/src/hardware/fx2lafw/api.c:311:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(channel_name, "D%d", j);
data/libsigrok-0.5.2/src/hardware/fx2lafw/protocol.c:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/protocol.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[32];
data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/protocol.c:200:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&devc->sample_rate, &sample_rate, sizeof(float));
data/libsigrok-0.5.2/src/hardware/gwinstek-gds-800/protocol.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rcv_buffer[MAX_RCV_BUFFER_SIZE];
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/api.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[50];
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/api.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel[10];
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[50];
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[50];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE], command2[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char float_str[30], *tmp_str;
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:622:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:948:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *logic_threshold_short[MAX_NUM_LOGIC_THRESHOLD_ENTRIES];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:949:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:1238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)(*scope_models[model_index].analog_names)[i]);
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.h:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name[MAX_INSTRUMENT_VERSIONS];
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trigger_pattern[MAX_ANALOG_CHANNEL_COUNT + MAX_DIGITAL_CHANNEL_COUNT + 1];
data/libsigrok-0.5.2/src/hardware/hantek-4032l/api.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hantek-4032l/api.c:244:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel_name[4];
data/libsigrok-0.5.2/src/hardware/hantek-4032l/api.c:245:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(channel_name, "%c%d", 'A' + (j & 1), j / 2);
data/libsigrok-0.5.2/src/hardware/hantek-4032l/protocol.c:473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hantek-6xxx/api.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hantek-6xxx/protocol.c:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hantek-dso/api.c:280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hantek-dso/api.c:739:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->framebuf + devc->samp_buffered * 2,
data/libsigrok-0.5.2/src/hardware/hantek-dso/api.c:749:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->framebuf + devc->samp_buffered * 2,
data/libsigrok-0.5.2/src/hardware/hantek-dso/protocol.c:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/hp-3457a/api.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/libsigrok-0.5.2/src/hardware/hp-3457a/protocol.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chan[16], list_str[64] = "";
data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/api.c:375:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->xfer_data_out + 2, &tmp, sizeof(tmp));
data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/api.c:378:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->xfer_data_out + 4, &tmp, sizeof(tmp));
data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/api.c:386:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->xfer_data_out + 10, &tmp, sizeof(tmp));
data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/protocol.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->sample_buffer[devc->channel] + offset,
data/libsigrok-0.5.2/src/hardware/ikalogic-scanalogic2/protocol.c:677:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dev_info->serial), buffer + 1, sizeof(uint32_t));
data/libsigrok-0.5.2/src/hardware/ipdbg-la/protocol.c:147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[16];
data/libsigrok-0.5.2/src/hardware/ipdbg-la/protocol.c:325:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(devc->raw_sample_buf[devc->num_transfers]),
data/libsigrok-0.5.2/src/hardware/ipdbg-la/protocol.c:541:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/api.c:68:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd, buf[32];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/api.c:328:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[9];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.c:37:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.c:196:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[7];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.c:237:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[7];
data/libsigrok-0.5.2/src/hardware/kecheng-kc-330b/protocol.h:82:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/api.c:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[50];
data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/protocol.c:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[6];
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/api.c:272:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[3], resp[4], *buf;
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:96:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[3], buf[MAX_CONFIGBLOCK_SIZE];
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(configblock, buf, buflen);
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:213:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[3], buf[256];
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char firmware[5];
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:318:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(firmware, config + 0x30, 4);
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.c:359:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char config[MAX_CONFIGBLOCK_SIZE];
data/libsigrok-0.5.2/src/hardware/lascar-el-usb/protocol.h:45:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char config[MAX_CONFIGBLOCK_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/api.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel_name[8];
data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/api.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/lecroy-logicstudio/api.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/api.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/api.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/api.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char instrument_name[16];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trace_label[16];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vertunit[48];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char horunit[48];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char descriptor_name[16];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[16];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:531:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)(*scope_models[model_index].analog_names)[i]);
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.c:618:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_COMMAND_SIZE];
data/libsigrok-0.5.2/src/hardware/lecroy-xstream/protocol.h:36:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name[MAX_INSTRUMENT_VERSIONS];
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/api.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[50], **tokens, *dummy;
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[50];
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4];
data/libsigrok-0.5.2/src/hardware/microchip-pickit2/protocol.c:271:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, &recv_cmd.raw[0], copy_len);
data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c:368:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node->value.b->data, contents->data + 3, len);
data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c:632:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(analog.meaning, &devc->channel_meaning[channel],
data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c:702:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(analog.meaning, &devc->channel_meaning[channel],
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char auxfmt[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:188:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[LINELEN_MAX];
data/libsigrok-0.5.2/src/hardware/norma-dmm/api.c:52:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *nameref[5][2] = {
data/libsigrok-0.5.2/src/hardware/norma-dmm/api.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[10];
data/libsigrok-0.5.2/src/hardware/norma-dmm/protocol.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NMADMM_BUFSIZE];
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/api.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[5];
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.c:474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->sample, devc->tmp_sample, 4);
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.c:485:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->raw_sample_buf + offset + (i * 4),
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.h:94:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sample[4];
data/libsigrok-0.5.2/src/hardware/openbench-logic-sniffer/protocol.h:95:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp_sample[4];
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/api.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[70];
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.c:522:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->raw_sample_buf + offset + (i * 8),
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.c:524:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->raw_sample_buf + offset + (4 + (i * 8)),
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.c:589:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->sample, devc->tmp_sample, 4);
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.c:600:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->raw_sample_buf + offset + (i * 4),
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.h:107:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sample[4];
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.h:108:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp_sample[4];
data/libsigrok-0.5.2/src/hardware/pipistrello-ols/protocol.h:109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp_sample2[4];
data/libsigrok-0.5.2/src/hardware/rigol-ds/api.c:673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16];
data/libsigrok-0.5.2/src/hardware/rigol-ds/protocol.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *coupling[MAX_ANALOG_CHANNELS];
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/api.c:134:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char strdesc[64];
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/api.c:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:197:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&req[3], regs, cnt);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:290:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, rsp + 1, len);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:308:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + 5, data, len);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, i2c_rsp + 1, 32);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:391:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, i2c_rsp + 1, 32);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:412:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, i2c_rsp + 1, 64);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:413:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(crc, i2c_rsp + 1 + 64, 2);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:478:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + 4, data, len);
data/libsigrok-0.5.2/src/hardware/saleae-logic-pro/protocol.c:859:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, dst + devc->conv_size, CONV_BATCH_SIZE);
data/libsigrok-0.5.2/src/hardware/saleae-logic16/api.c:109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char strdesc[64];
data/libsigrok-0.5.2/src/hardware/saleae-logic16/api.c:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/saleae-logic16/api.c:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connection_id[64];
data/libsigrok-0.5.2/src/hardware/saleae-logic16/protocol.c:268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(command + 3, table, chunk);
data/libsigrok-0.5.2/src/hardware/saleae-logic16/protocol.c:835:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, channel_data, 16 * 2);
data/libsigrok-0.5.2/src/hardware/scpi-dmm/protocol.c:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prec_text[20];
data/libsigrok-0.5.2/src/hardware/scpi-pps/api.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_name[16];
data/libsigrok-0.5.2/src/hardware/scpi-pps/api.c:679:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s[16];
data/libsigrok-0.5.2/src/hardware/scpi-pps/profiles.c:957:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*channels)[i].name = (char *)philips_pm2800_names[i];
data/libsigrok-0.5.2/src/hardware/scpi-pps/profiles.c:958:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((*channels)[i].voltage), spec, sizeof(double) * 15);
data/libsigrok-0.5.2/src/hardware/scpi-pps/profiles.c:959:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*channel_groups)[i].name = (char *)philips_pm2800_names[i];
data/libsigrok-0.5.2/src/hardware/serial-dmm/api.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_name[12];
data/libsigrok-0.5.2/src/hardware/serial-lcr/api.c:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch_name[8];
data/libsigrok-0.5.2/src/hardware/siglent-sds/api.c:543:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16];
data/libsigrok-0.5.2/src/hardware/siglent-sds/api.c:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd4[4];
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:183:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:194:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&framecount, buf + 40, 4);
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:232:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:243:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&framecount, buf + 40, 4);
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:328:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&desc_length, buf + 36, 4); /* Descriptor block length */
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:329:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_length, buf + 60, 4); /* Data block length */
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.h:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *coupling[MAX_ANALOG_CHANNELS];
data/libsigrok-0.5.2/src/hardware/sysclk-lwla/api.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/libsigrok-0.5.2/src/hardware/sysclk-lwla/api.c:195:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla1016.c:189:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reply[512];
data/libsigrok-0.5.2/src/hardware/sysclk-lwla/lwla1034.c:267:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/libsigrok-0.5.2/src/hardware/sysclk-lwla/protocol.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12];
data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/api.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/protocol.c:146:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cmd_pkt[2], data, len);
data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/protocol.c:157:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cmd_pkt[3], data, len);
data/libsigrok-0.5.2/src/hardware/sysclk-sla5032/protocol.c:569:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fw_data + 0x100, stream + BITSTREAM_HEADER_SIZE,
data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c:91:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(data);
data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[9], data[13], control, cr;
data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optarif[5] = { 0 };
data/libsigrok-0.5.2/src/hardware/testo/api.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manufacturer[64], product[64], connection_id[64];
data/libsigrok-0.5.2/src/hardware/testo/api.c:244:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(devc->reply + devc->reply_size, data, len);
data/libsigrok-0.5.2/src/hardware/testo/protocol.c:63:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[MAX_REPLY_SIZE], buf[MAX_REPLY_SIZE];
data/libsigrok-0.5.2/src/hardware/testo/protocol.c:95:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet + packet_len, buf + 2, len - 2);
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/api.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char float_str[30];
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c:41:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dlm_trigger_slopes[2] = {
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c:747:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*model_name = (char *)scope_models[i].model_name[j];
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c:796:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)(*scope_models[model_index].analog_names)[i]);
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.h:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *dlm_trigger_slopes[2];
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.h:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *model_id[MAX_INSTRUMENT_VERSIONS];
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.h:58:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *model_name[MAX_INSTRUMENT_VERSIONS];
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.h:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char receive_buffer[RECEIVE_BUFFER_SIZE];
data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/api.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_num[64], connection_id[64];
data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.c:57:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[8] = { address & 0xFF };
data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.c:69:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[8] = { val & 0xFF };
data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.c:81:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[8] = { 0 };
data/libsigrok-0.5.2/src/hardware/zeroplus-logic-cube/gl_usb.c:95:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[8] = {
data/libsigrok-0.5.2/src/hardware/zketech-ebd-usb/protocol.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[count * 2 + 1];
data/libsigrok-0.5.2/src/hardware/zketech-ebd-usb/protocol.c:29:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buffer[2 * j], "%02X", buf[j]);
data/libsigrok-0.5.2/src/input/binary.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/libsigrok-0.5.2/src/input/chronovu_la8.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/libsigrok-0.5.2/src/input/logicport.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *wire_names[MAX_CHANNELS];
data/libsigrok-0.5.2/src/input/logicport.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *signal_names[MAX_CHANNELS];
data/libsigrok-0.5.2/src/input/logicport.c:916:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, sample_buffer, inc->unitsize);
data/libsigrok-0.5.2/src/input/raw_analog.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channelname[16];
data/libsigrok-0.5.2/src/input/trace32_ad.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pod_status[MAX_POD_COUNT];
data/libsigrok-0.5.2/src/input/trace32_ad.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[17];
data/libsigrok-0.5.2/src/input/trace32_ad.c:385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/libsigrok-0.5.2/src/input/trace32_ad.c:454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char single_payload[12 * 3];
data/libsigrok-0.5.2/src/input/trace32_ad.c:615:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char single_payload[3];
data/libsigrok-0.5.2/src/input/trace32_ad.c:667:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chan_suffix[2], chan_name[33];
data/libsigrok-0.5.2/src/input/trace32_ad.c:724:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ch = atoi(s1 + 1);
data/libsigrok-0.5.2/src/input/trace32_ad.c:728:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ch = atoi(s1);
data/libsigrok-0.5.2/src/input/trace32_ad.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delimiter[3];
data/libsigrok-0.5.2/src/input/vcd.c:393:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, inc->current_levels, inc->bytes_per_sample);
data/libsigrok-0.5.2/src/input/wav.c:232:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, s, inc->unitsize);
data/libsigrok-0.5.2/src/input/wav.c:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channelname[16];
data/libsigrok-0.5.2/src/lcr/vc4080.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value_text[8];
data/libsigrok-0.5.2/src/lcr/vc4080.c:191:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value_text, digits, length);
data/libsigrok-0.5.2/src/lcr/vc4080.c:628:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SR_PRIV const char *vc4080_channel_formats[VC4080_CHANNEL_COUNT] = {
data/libsigrok-0.5.2/src/libsigrok-internal.h:1203:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(struct sr_serial_dev_inst *serial, int flags);
data/libsigrok-0.5.2/src/libsigrok-internal.h:1336:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(void *priv);
data/libsigrok-0.5.2/src/libsigrok-internal.h:1682:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern SR_PRIV const char *vc4080_channel_formats[VC4080_CHANNEL_COUNT];
data/libsigrok-0.5.2/src/modbus/modbus.c:180:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return modbus->open(modbus->priv);
data/libsigrok-0.5.2/src/modbus/modbus.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/libsigrok-0.5.2/src/modbus/modbus.c:425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(coils, reply + 2, (nb_coils + 7) / 8);
data/libsigrok-0.5.2/src/modbus/modbus.c:474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(registers, reply + 2, 2 * nb_registers);
data/libsigrok-0.5.2/src/modbus/modbus.c:540:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(request + 6, registers, 2 * nb_registers);
data/libsigrok-0.5.2/src/output/ascii.c:217:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->prev_sample, logic->data + i, logic->unitsize);
data/libsigrok-0.5.2/src/output/csv.c:460:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->previous_sample, logic_sample,
data/libsigrok-0.5.2/src/output/csv.c:462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->previous_sample
data/libsigrok-0.5.2/src/output/vcd.c:267:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->prevsample, sample, logic->unitsize);
data/libsigrok-0.5.2/src/output/wav.c:78:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufp, outc->chanbuf[j] + i * 4, 4);
data/libsigrok-0.5.2/src/output/wav.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4];
data/libsigrok-0.5.2/src/output/wav.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4];
data/libsigrok-0.5.2/src/scpi.h:102:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(struct sr_scpi_dev_inst *scpi);
data/libsigrok-0.5.2/src/scpi/scpi.c:407:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return scpi->open(scpi);
data/libsigrok-0.5.2/src/scpi/scpi.c:965:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/libsigrok-0.5.2/src/scpi/scpi.c:1037:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &response->str[2], llen);
data/libsigrok-0.5.2/src/scpi/scpi.c:1177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quotes[3];
data/libsigrok-0.5.2/src/scpi/scpi_tcp.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char length_buf[LENGTH_BYTES];
data/libsigrok-0.5.2/src/scpi/scpi_usbtmc_libusb.c:497:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uscpi->buffer + USBTMC_BULK_HEADER_SIZE, data, size);
data/libsigrok-0.5.2/src/scpi/scpi_usbtmc_libusb.c:622:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, uscpi->buffer + uscpi->response_bytes_read, read_length);
data/libsigrok-0.5.2/src/scpi/scpi_vxi.c:192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, read_resp->data.data_val, read_resp->data.data_len);
data/libsigrok-0.5.2/src/serial.c:119:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!serial->lib_funcs->open)
data/libsigrok-0.5.2/src/serial.c:121:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ret = serial->lib_funcs->open(serial, flags);
data/libsigrok-0.5.2/src/serial.c:342:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf->str, len);
data/libsigrok-0.5.2/src/serial_bt.c:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *ser_bt_conn_names[SER_BT_CONN_MAX] = {
data/libsigrok-0.5.2/src/serial_bt.c:733:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_text[20];
data/libsigrok-0.5.2/src/serial_hid.c:786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serno_got[128];
data/libsigrok-0.5.2/src/serial_hid_ch9325.c:125:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, &buffer[1], count);
data/libsigrok-0.5.2/src/serial_hid_ch9325.c:151:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[1], data, size);
data/libsigrok-0.5.2/src/serial_hid_cp2110.c:241:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, &buffer[1], count);
data/libsigrok-0.5.2/src/serial_hid_cp2110.c:266:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[1], data, size);
data/libsigrok-0.5.2/src/serial_hid_victor.c:105:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_buf, rx_buf, rx_len);
data/libsigrok-0.5.2/src/session.c:1510:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload, packet->payload, sizeof(struct sr_datafeed_header));
data/libsigrok-0.5.2/src/session.c:1531:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(logic_copy->data, logic->data, logic->length * logic->unitsize);
data/libsigrok-0.5.2/src/session.c:1539:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(analog_copy->data, analog->data,
data/libsigrok-0.5.2/src/session_driver.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capturefile[128];
data/libsigrok-0.5.2/src/session_file.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/libsigrok-0.5.2/src/session_file.c:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channelname[SR_MAX_CHANNELNAME_LEN + 1];
data/libsigrok-0.5.2/src/soft-trigger.c:100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stl->pre_trigger_head, buf, size);
data/libsigrok-0.5.2/src/soft-trigger.c:205:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stl->prev_sample, buf + i, stl->unitsize);
data/libsigrok-0.5.2/src/strutil.c:754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16], fract[20] = "", *f;
data/libsigrok-0.5.2/src/usb.c:524:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char strdesc[64];
data/libsigrok-0.5.2/tests/trigger.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/libsigrok-0.5.2/tests/trigger.c:42:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)&name, "T%d", i);
data/libsigrok-0.5.2/tests/trigger.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/libsigrok-0.5.2/tests/trigger.c:130:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)&name, "L%d", i);
data/libsigrok-0.5.2/tests/trigger.c:137:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)&name, "A%d", i);
data/libsigrok-0.5.2/bindings/cxx/classes.cpp:112:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return reader->read(res, buf, count);
data/libsigrok-0.5.2/bindings/cxx/include/libsigrokcxx/libsigrokcxx.hpp:228:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read(const struct sr_resource *res, void *buf, size_t count) = 0;
data/libsigrok-0.5.2/src/bt/bt_bluez.c:1084:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rdlen = read(desc->fd, data, len);
data/libsigrok-0.5.2/src/dmm/asycii.c:108:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*exponent = -(valstr + strlen(valstr) - dot_pos - 1);
data/libsigrok-0.5.2/src/dmm/asycii.c:186:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("A");
data/libsigrok-0.5.2/src/dmm/asycii.c:189:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("VA");
data/libsigrok-0.5.2/src/dmm/asycii.c:192:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("V");
data/libsigrok-0.5.2/src/dmm/asycii.c:195:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("ohm");
data/libsigrok-0.5.2/src/dmm/asycii.c:199:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("F");
data/libsigrok-0.5.2/src/dmm/asycii.c:203:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("dB");
data/libsigrok-0.5.2/src/dmm/asycii.c:207:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("Hz");
data/libsigrok-0.5.2/src/dmm/asycii.c:211:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("%");
data/libsigrok-0.5.2/src/dmm/asycii.c:223:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("Cnt");
data/libsigrok-0.5.2/src/dmm/asycii.c:236:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("s");
data/libsigrok-0.5.2/src/dmm/asycii.c:257:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("ac+dc");
data/libsigrok-0.5.2/src/dmm/asycii.c:260:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("ac");
data/libsigrok-0.5.2/src/dmm/asycii.c:263:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("dc");
data/libsigrok-0.5.2/src/dmm/asycii.c:266:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("d");
data/libsigrok-0.5.2/src/dmm/asycii.c:269:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u += strlen("Pk");
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:226:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (serial_write_blocking(serial, buf, strlen(buf), SERIAL_WRITE_TIMEOUT_MS) < (int)strlen(buf)) {
data/libsigrok-0.5.2/src/hardware/agilent-dmm/protocol.c:226:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (serial_write_blocking(serial, buf, strlen(buf), SERIAL_WRITE_TIMEOUT_MS) < (int)strlen(buf)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:109:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP), serial_timeout(serial,
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:110:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP))) < (int)strlen(CMD_MONITOR_STOP)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:110:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP))) < (int)strlen(CMD_MONITOR_STOP)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:118:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_VERSION), serial_timeout(serial,
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:119:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_VERSION))) < (int)strlen(CMD_VERSION)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:119:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_VERSION))) < (int)strlen(CMD_VERSION)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:297:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP), serial_timeout(sdi->conn,
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:298:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP))) < (int)strlen(CMD_MONITOR_STOP)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:298:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR_STOP))) < (int)strlen(CMD_MONITOR_STOP)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:318:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR), serial_timeout(serial,
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:319:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR)))) < (int)strlen(CMD_MONITOR)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/api.c:319:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CMD_MONITOR)))) < (int)strlen(CMD_MONITOR)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:40:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cmd), serial_timeout(serial,
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:41:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cmd)))) < (int)strlen(cmd)) {
data/libsigrok-0.5.2/src/hardware/arachnid-labs-re-load-pro/protocol.c:41:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cmd)))) < (int)strlen(cmd)) {
data/libsigrok-0.5.2/src/hardware/atten-pps3xxx/protocol.c:31:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(str + strlen(str), "%.2x ", packet[i]);
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:178:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(buf, prb_name, strlen(prb_name))) {
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:285:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd = read(fd, eeprom_buf, EEPROM_SIZE);
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:647:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(fd, buf, sizeof(buf));
data/libsigrok-0.5.2/src/hardware/baylibre-acme/protocol.c:733:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(devc->timer_fd, &nrexpiration, sizeof(nrexpiration)) < 0) {
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_native.c:91:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((ret = read(fd, buf, 16)) < 0)
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c:106:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = send(devc->socket, buf, strlen(buf), 0);
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c:114:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (out < (int)strlen(buf)) {
data/libsigrok-0.5.2/src/hardware/beaglelogic/beaglelogic_tcp.c:116:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf), buf);
data/libsigrok-0.5.2/src/hardware/center-3xx/protocol.c:37:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret = serial_write_blocking(serial, cmd, strlen(cmd),
data/libsigrok-0.5.2/src/hardware/center-3xx/protocol.c:38:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(cmd)))) < 0) {
data/libsigrok-0.5.2/src/hardware/fluke-45/protocol.c:273:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
digits = get_reading_dd(reading, strlen(reading));
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c:39:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = serial_write_blocking(serial, cmdbuf, strlen(cmdbuf),
data/libsigrok-0.5.2/src/hardware/gwinstek-gpd/protocol.c:40:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(cmdbuf)));
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:379:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idx = strlen(tmp_str);
data/libsigrok-0.5.2/src/hardware/hameg-hmo/api.c:388:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(state->trigger_pattern,
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:980:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*config->logic_threshold)[i], strlen((*config->logic_threshold)[i]));
data/libsigrok-0.5.2/src/hardware/hameg-hmo/protocol.c:1131:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(state->trigger_pattern,
data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/api.c:126:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(models[i].id) > len)
data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/api.c:127:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(models[i].id);
data/libsigrok-0.5.2/src/hardware/korad-kaxxxxp/protocol.c:33:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret = serial_write_blocking(serial, cmd, strlen(cmd), 0)) < 0) {
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.c:41:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret = serial_write_blocking(serial, cmdbuf, strlen(cmdbuf),
data/libsigrok-0.5.2/src/hardware/manson-hcs-3xxx/protocol.c:42:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(cmdbuf)))) < 0) {
data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c:27:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret = serial_write_blocking(serial, cmd, strlen(cmd),
data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c:28:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(cmd)))) < 0) {
data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c:82:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)&tmp, &buf[2], 3);
data/libsigrok-0.5.2/src/hardware/mic-985xx/protocol.c:86:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)&tmp, &buf[6], 3);
data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c:278:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(path);
data/libsigrok-0.5.2/src/hardware/mooshimeter-dmm/protocol.c:286:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(current->children[i].name) != length)
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:130:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retc = serial_write_blocking(serial, buf, strlen(buf),
data/libsigrok-0.5.2/src/hardware/motech-lps-30x/api.c:131:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(buf)));
data/libsigrok-0.5.2/src/hardware/norma-dmm/api.c:110:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (serial_write_blocking(serial, req, strlen(req),
data/libsigrok-0.5.2/src/hardware/norma-dmm/api.c:111:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_timeout(serial, strlen(req))) < 0) {
data/libsigrok-0.5.2/src/hardware/norma-dmm/protocol.c:102:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((const char *)devc->buf) != LINE_LENGTH) {
data/libsigrok-0.5.2/src/hardware/siglent-sds/api.c:662:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmd4, devc->coupling[i], 3);
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:805:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tokens[4]);
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:901:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sample_points_string[strlen(sample_points_string) - 4] = '\0';
data/libsigrok-0.5.2/src/hardware/siglent-sds/protocol.c:908:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sample_points_string[strlen(sample_points_string) - 4] = '\0';
data/libsigrok-0.5.2/src/hardware/teleinfo/protocol.c:134:6: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(str, "\x0A%8s %13s %c%c", label, data, &control, &cr) != 4
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c:336:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ss, value, pos);
data/libsigrok-0.5.2/src/hardware/yokogawa-dlm/protocol.c:337:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(es, &(value[pos+1]), 3);
data/libsigrok-0.5.2/src/input/csv.c:802:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(column);
data/libsigrok-0.5.2/src/input/csv.c:907:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(column);
data/libsigrok-0.5.2/src/input/csv.c:1105:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fn && *fn && (fn_len = strlen(fn)) >= strlen(default_extension)) {
data/libsigrok-0.5.2/src/input/csv.c:1105:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fn && *fn && (fn_len = strlen(fn)) >= strlen(default_extension)) {
data/libsigrok-0.5.2/src/input/csv.c:1106:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcasecmp(&fn[fn_len - strlen(default_extension)], default_extension) == 0) {
data/libsigrok-0.5.2/src/input/csv.c:1153:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(col, binary_charset) != strlen(col)) {
data/libsigrok-0.5.2/src/input/csv.c:1484:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (in->buf->len < strlen(utf8_bom))
data/libsigrok-0.5.2/src/input/csv.c:1486:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(in->buf->str, utf8_bom, strlen(utf8_bom)) != 0)
data/libsigrok-0.5.2/src/input/csv.c:1488:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_string_erase(in->buf, 0, strlen(utf8_bom));
data/libsigrok-0.5.2/src/input/csv.c:1568:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
processed_up_to += strlen(inc->termination);
data/libsigrok-0.5.2/src/input/logicport.c:200:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(read_ptr, keyword, strlen(keyword)) != 0)
data/libsigrok-0.5.2/src/input/logicport.c:202:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
read_ptr += strlen(keyword);
data/libsigrok-0.5.2/src/input/logicport.c:235:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(read_ptr, caution, strlen(caution)) != 0)
data/libsigrok-0.5.2/src/input/logicport.c:237:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
read_ptr += strlen(caution);
data/libsigrok-0.5.2/src/input/logicport.c:675:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eol_ptr += strlen(CRLF);
data/libsigrok-0.5.2/src/input/logicport.c:707:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line = p + strlen(CONT_OPEN);
data/libsigrok-0.5.2/src/input/logicport.c:716:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_string_append_len(inc->cont_buff, line, strlen(line));
data/libsigrok-0.5.2/src/input/logicport.c:719:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_string_append_len(inc->cont_buff, CRLF, strlen(CRLF));
data/libsigrok-0.5.2/src/input/trace32_ad.c:117:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(name);
data/libsigrok-0.5.2/src/input/trace32_ad.c:118:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = g_malloc0(l * strlen("\\x00") + 1);
data/libsigrok-0.5.2/src/input/trace32_ad.c:124:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen("\\x00");
data/libsigrok-0.5.2/src/input/trace32_ad.c:286:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
format_name_sig = g_strndup(format_name, strlen(TRACE32));
data/libsigrok-0.5.2/src/input/trace32_ad.c:717:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ((strlen(s1) == 4) && g_ascii_isupper(s1[3])) {
data/libsigrok-0.5.2/src/lcr/vc4080.c:639:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
serial_write_blocking(serial, command, strlen(command), 0);
data/libsigrok-0.5.2/src/libsigrok-internal.h:1210:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)(struct sr_serial_dev_inst *serial,
data/libsigrok-0.5.2/src/modbus/modbus.c:151:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(resource, modbus_dev->prefix, strlen(modbus_dev->prefix))) {
data/libsigrok-0.5.2/src/output/ascii.c:73:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!ctx->charset || strlen(ctx->charset) < 2) {
data/libsigrok-0.5.2/src/output/ascii.c:77:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctx->edges = (strlen(ctx->charset) >= 4) ? TRUE : FALSE;
data/libsigrok-0.5.2/src/output/csv.c:148:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*ctx->gnuplot && strlen(ctx->value) > 1)
data/libsigrok-0.5.2/src/output/srzip.c:361:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
baselen = strlen(basename);
data/libsigrok-0.5.2/src/output/vcd.c:131:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
timestamp[strlen(timestamp) - 1] = 0;
data/libsigrok-0.5.2/src/scpi/scpi.c:376:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(resource, scpi_dev->prefix, strlen(scpi_dev->prefix))) {
data/libsigrok-0.5.2/src/scpi/scpi.c:1183:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_len = strlen(s);
data/libsigrok-0.5.2/src/scpi/scpi.c:1200:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(rdptr, rdptr + 1, strlen(rdptr));
data/libsigrok-0.5.2/src/scpi/scpi_libgpib.c:91:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(command);
data/libsigrok-0.5.2/src/scpi/scpi_serial.c:159:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = serial_write_blocking(serial, command, strlen(command), 0);
data/libsigrok-0.5.2/src/scpi/scpi_tcp.c:150:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(command);
data/libsigrok-0.5.2/src/scpi/scpi_usbtmc_libusb.c:577:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command, strlen(command), EOM) <= 0)
data/libsigrok-0.5.2/src/scpi/scpi_visa.c:103:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(command);
data/libsigrok-0.5.2/src/scpi/scpi_vxi.c:133:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(command);
data/libsigrok-0.5.2/src/serial.c:445:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!serial->lib_funcs || !serial->lib_funcs->read)
data/libsigrok-0.5.2/src/serial.c:447:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = serial->lib_funcs->read(serial, buf, count,
data/libsigrok-0.5.2/src/serial_bt.c:304:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = strlen(SER_BT_CONN_PREFIX);
data/libsigrok-0.5.2/src/serial_hid.c:102:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
is_hex_colon = strspn(path, accept) == strlen(path);
data/libsigrok-0.5.2/src/serial_hid.c:109:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_strcanon(name + strlen(SER_HID_USB_PREFIX), keep, '.');
data/libsigrok-0.5.2/src/serial_hid.c:135:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(p, SER_HID_RAW_PREFIX, strlen(SER_HID_RAW_PREFIX)) == 0) {
data/libsigrok-0.5.2/src/serial_hid.c:136:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(SER_HID_RAW_PREFIX);
data/libsigrok-0.5.2/src/serial_hid.c:139:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(p, SER_HID_USB_PREFIX, strlen(SER_HID_USB_PREFIX)) == 0) {
data/libsigrok-0.5.2/src/serial_hid.c:140:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(SER_HID_USB_PREFIX);
data/libsigrok-0.5.2/src/serial_hid.c:200:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (manuf && wcslen(manuf) != 0)
data/libsigrok-0.5.2/src/serial_hid.c:202:15: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prod && wcslen(prod) != 0)
data/libsigrok-0.5.2/src/serial_hid.c:204:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (serno && wcslen(serno) != 0)
data/libsigrok-0.5.2/src/serial_hid.c:603:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
spec += strlen(desc->chipname);
data/libsigrok-0.5.2/src/serial_hid.c:720:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(SER_HID_CONN_PREFIX);
data/libsigrok-0.5.2/src/serial_hid.c:738:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/libsigrok-0.5.2/src/serial_hid.c:744:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/libsigrok-0.5.2/src/serial_hid.c:746:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(SER_HID_SNR_PREFIX);
data/libsigrok-0.5.2/src/serial_hid.c:748:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/libsigrok-0.5.2/src/serial_hid.c:1023:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = strlen(SER_HID_CONN_PREFIX);
data/libsigrok-0.5.2/tests/version.c:88:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fail_unless(strlen(str) >= len_min);
data/libsigrok-0.5.2/tests/version.c:89:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fail_unless(strlen(str) <= len_max);
data/libsigrok-0.5.2/tests/version.c:92:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fail_unless(strlen(str) >= len_min);
data/libsigrok-0.5.2/tests/version.c:93:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fail_unless(strlen(str) <= len_max);
ANALYSIS SUMMARY:
Hits = 481
Lines analyzed = 130679 in approximately 3.07 seconds (42582 lines/second)
Physical Source Lines of Code (SLOC) = 91191
Hits@level = [0] 56 [1] 140 [2] 314 [3] 6 [4] 21 [5] 0
Hits@level+ = [0+] 537 [1+] 481 [2+] 341 [3+] 27 [4+] 21 [5+] 0
Hits/KSLOC@level+ = [0+] 5.88874 [1+] 5.27464 [2+] 3.7394 [3+] 0.296082 [4+] 0.230286 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.