Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libtpl-1.6.1/src/tpl.c
Examining data/libtpl-1.6.1/src/tpl.h
Examining data/libtpl-1.6.1/src/win/mman.h
Examining data/libtpl-1.6.1/src/win/mmap.c
Examining data/libtpl-1.6.1/src/win/nonempty.c
Examining data/libtpl-1.6.1/tests/int64_align.c
Examining data/libtpl-1.6.1/tests/malign.c
Examining data/libtpl-1.6.1/tests/mgwtest.c
Examining data/libtpl-1.6.1/tests/other/other1.cpp
Examining data/libtpl-1.6.1/tests/test1-mingw.c
Examining data/libtpl-1.6.1/tests/test1.c
Examining data/libtpl-1.6.1/tests/test10.c
Examining data/libtpl-1.6.1/tests/test100.c
Examining data/libtpl-1.6.1/tests/test101.c
Examining data/libtpl-1.6.1/tests/test102.c
Examining data/libtpl-1.6.1/tests/test103.c
Examining data/libtpl-1.6.1/tests/test104.c
Examining data/libtpl-1.6.1/tests/test105.c
Examining data/libtpl-1.6.1/tests/test106.c
Examining data/libtpl-1.6.1/tests/test107.c
Examining data/libtpl-1.6.1/tests/test108.c
Examining data/libtpl-1.6.1/tests/test109.c
Examining data/libtpl-1.6.1/tests/test11.c
Examining data/libtpl-1.6.1/tests/test110.c
Examining data/libtpl-1.6.1/tests/test111.c
Examining data/libtpl-1.6.1/tests/test112.c
Examining data/libtpl-1.6.1/tests/test113.c
Examining data/libtpl-1.6.1/tests/test114.c
Examining data/libtpl-1.6.1/tests/test115.c
Examining data/libtpl-1.6.1/tests/test116.c
Examining data/libtpl-1.6.1/tests/test117.c
Examining data/libtpl-1.6.1/tests/test118.c
Examining data/libtpl-1.6.1/tests/test119.c
Examining data/libtpl-1.6.1/tests/test12.c
Examining data/libtpl-1.6.1/tests/test120.c
Examining data/libtpl-1.6.1/tests/test121.c
Examining data/libtpl-1.6.1/tests/test122.c
Examining data/libtpl-1.6.1/tests/test123.c
Examining data/libtpl-1.6.1/tests/test124.c
Examining data/libtpl-1.6.1/tests/test125.c
Examining data/libtpl-1.6.1/tests/test13.c
Examining data/libtpl-1.6.1/tests/test14.c
Examining data/libtpl-1.6.1/tests/test15.c
Examining data/libtpl-1.6.1/tests/test16.c
Examining data/libtpl-1.6.1/tests/test17.c
Examining data/libtpl-1.6.1/tests/test18.c
Examining data/libtpl-1.6.1/tests/test19.c
Examining data/libtpl-1.6.1/tests/test2.c
Examining data/libtpl-1.6.1/tests/test20.c
Examining data/libtpl-1.6.1/tests/test21.c
Examining data/libtpl-1.6.1/tests/test22.c
Examining data/libtpl-1.6.1/tests/test23.c
Examining data/libtpl-1.6.1/tests/test24.c
Examining data/libtpl-1.6.1/tests/test25.c
Examining data/libtpl-1.6.1/tests/test26.c
Examining data/libtpl-1.6.1/tests/test27.c
Examining data/libtpl-1.6.1/tests/test28.c
Examining data/libtpl-1.6.1/tests/test29.c
Examining data/libtpl-1.6.1/tests/test3.c
Examining data/libtpl-1.6.1/tests/test30.c
Examining data/libtpl-1.6.1/tests/test31.c
Examining data/libtpl-1.6.1/tests/test32.c
Examining data/libtpl-1.6.1/tests/test33.c
Examining data/libtpl-1.6.1/tests/test34.c
Examining data/libtpl-1.6.1/tests/test35.c
Examining data/libtpl-1.6.1/tests/test36.c
Examining data/libtpl-1.6.1/tests/test37.c
Examining data/libtpl-1.6.1/tests/test38.c
Examining data/libtpl-1.6.1/tests/test39.c
Examining data/libtpl-1.6.1/tests/test4.c
Examining data/libtpl-1.6.1/tests/test40.c
Examining data/libtpl-1.6.1/tests/test41.c
Examining data/libtpl-1.6.1/tests/test42.c
Examining data/libtpl-1.6.1/tests/test43.c
Examining data/libtpl-1.6.1/tests/test44.c
Examining data/libtpl-1.6.1/tests/test45.c
Examining data/libtpl-1.6.1/tests/test46.c
Examining data/libtpl-1.6.1/tests/test47.c
Examining data/libtpl-1.6.1/tests/test48.c
Examining data/libtpl-1.6.1/tests/test49.c
Examining data/libtpl-1.6.1/tests/test5.c
Examining data/libtpl-1.6.1/tests/test50.c
Examining data/libtpl-1.6.1/tests/test51.c
Examining data/libtpl-1.6.1/tests/test52.c
Examining data/libtpl-1.6.1/tests/test53.c
Examining data/libtpl-1.6.1/tests/test54.c
Examining data/libtpl-1.6.1/tests/test55.c
Examining data/libtpl-1.6.1/tests/test56.c
Examining data/libtpl-1.6.1/tests/test57.c
Examining data/libtpl-1.6.1/tests/test58.c
Examining data/libtpl-1.6.1/tests/test59.c
Examining data/libtpl-1.6.1/tests/test6.c
Examining data/libtpl-1.6.1/tests/test60.c
Examining data/libtpl-1.6.1/tests/test61.c
Examining data/libtpl-1.6.1/tests/test62.c
Examining data/libtpl-1.6.1/tests/test63.c
Examining data/libtpl-1.6.1/tests/test64.c
Examining data/libtpl-1.6.1/tests/test65.c
Examining data/libtpl-1.6.1/tests/test66.c
Examining data/libtpl-1.6.1/tests/test67.c
Examining data/libtpl-1.6.1/tests/test68.c
Examining data/libtpl-1.6.1/tests/test69.c
Examining data/libtpl-1.6.1/tests/test7.c
Examining data/libtpl-1.6.1/tests/test70.c
Examining data/libtpl-1.6.1/tests/test71.c
Examining data/libtpl-1.6.1/tests/test72.c
Examining data/libtpl-1.6.1/tests/test73.c
Examining data/libtpl-1.6.1/tests/test74.c
Examining data/libtpl-1.6.1/tests/test75.c
Examining data/libtpl-1.6.1/tests/test76.c
Examining data/libtpl-1.6.1/tests/test77.c
Examining data/libtpl-1.6.1/tests/test78.c
Examining data/libtpl-1.6.1/tests/test79.c
Examining data/libtpl-1.6.1/tests/test8.c
Examining data/libtpl-1.6.1/tests/test80.c
Examining data/libtpl-1.6.1/tests/test81.c
Examining data/libtpl-1.6.1/tests/test82.c
Examining data/libtpl-1.6.1/tests/test83.c
Examining data/libtpl-1.6.1/tests/test84.c
Examining data/libtpl-1.6.1/tests/test85.c
Examining data/libtpl-1.6.1/tests/test86.c
Examining data/libtpl-1.6.1/tests/test87.c
Examining data/libtpl-1.6.1/tests/test88.c
Examining data/libtpl-1.6.1/tests/test89.c
Examining data/libtpl-1.6.1/tests/test9.c
Examining data/libtpl-1.6.1/tests/test90.c
Examining data/libtpl-1.6.1/tests/test91.c
Examining data/libtpl-1.6.1/tests/test92.c
Examining data/libtpl-1.6.1/tests/test93.c
Examining data/libtpl-1.6.1/tests/test94.c
Examining data/libtpl-1.6.1/tests/test95.c
Examining data/libtpl-1.6.1/tests/test96.c
Examining data/libtpl-1.6.1/tests/test97.c
Examining data/libtpl-1.6.1/tests/test98.c
Examining data/libtpl-1.6.1/tests/test99.c
Examining data/libtpl-1.6.1/tests/threads/test1.c

FINAL RESULTS:

data/libtpl-1.6.1/src/tpl.c:256:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    vfprintf(stderr,fmt,ap);
data/libtpl-1.6.1/src/tpl.c:2172:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(exit_msg, 100, fmt, ap);
data/libtpl-1.6.1/tests/test101.c:13:19: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test11.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test114.c:16:19: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test12.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test123.c:13:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, fmt, ap);
data/libtpl-1.6.1/tests/test13.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test14.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test15.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test16.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test17.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test18.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test19.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test20.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test25.c:17:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test26.c:36:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    f1 = popen("cat test26_0.tpl;sleep 1; cat test26_1.tpl", "r");
data/libtpl-1.6.1/tests/test26.c:41:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    f2 = popen("cat test26_2.tpl;sleep 1; cat test26_3.tpl", "r");
data/libtpl-1.6.1/tests/test39.c:10:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test54.c:22:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test55.c:18:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf;
data/libtpl-1.6.1/tests/test55.c:42:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    f1 = popen("cat test26_0.tpl;sleep 1; cat test26_1.tpl", "r");
data/libtpl-1.6.1/tests/test55.c:47:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    f2 = popen("cat test26_2.tpl;sleep 1; cat test26_3.tpl", "r");
data/libtpl-1.6.1/tests/test67.c:15:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf; /* errors to printf */
data/libtpl-1.6.1/tests/test68.c:18:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf; /* errors to printf */
data/libtpl-1.6.1/tests/test69.c:18:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    tpl_hook.oops = printf; /* errors to printf */
data/libtpl-1.6.1/src/tpl.c:563:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(((tpl_root_data*)(root->data))->fmt,fmt,strlen(fmt)+1);
data/libtpl-1.6.1/src/tpl.c:791:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (sz>0) memcpy(datav,data,sz);
data/libtpl-1.6.1/src/tpl.c:865:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&binp,datav,sizeof(tpl_bin*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:874:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&strp,datav,sizeof(char*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:882:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&atypp,datav,sizeof(tpl_atyp*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:937:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&binp,c->data,sizeof(tpl_bin*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:943:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&strp,&((char**)c->data)[i],sizeof(char*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:1188:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&intlflags,dv,sizeof(char)); /* extract flags */
data/libtpl-1.6.1/src/tpl.c:1197:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&intlsz,dv,sizeof(uint32_t)); /* extract internal size */
data/libtpl-1.6.1/src/tpl.c:1225:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&flen,dv,sizeof(uint32_t)); /* stored flen */
data/libtpl-1.6.1/src/tpl.c:1319:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&intlsz,dv,sizeof(uint32_t)); /* extract internal size */
data/libtpl-1.6.1/src/tpl.c:1340:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fmt_cpy, fmt, fmt_len);
data/libtpl-1.6.1/src/tpl.c:1354:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fxlensv,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:1388:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&datapeek_ssz,dv,sizeof(uint32_t)); /* get slen */
data/libtpl-1.6.1/src/tpl.c:1401:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(datapeek_s, dv, datapeek_ssz-1);
data/libtpl-1.6.1/src/tpl.c:1413:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(datapeek_p, dv, datapeek_csz);
data/libtpl-1.6.1/src/tpl.c:1587:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&binp,dv,sizeof(tpl_bin*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:1594:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&strp,dv,sizeof(char*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:1611:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&atypp,dv,sizeof(tpl_atyp*)); /* cp to aligned */
data/libtpl-1.6.1/src/tpl.c:1643:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&num,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:1671:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:1683:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:1727:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fd=open(filename,O_CREAT|O_TRUNC|O_RDWR,perms);
data/libtpl-1.6.1/src/tpl.c:1757:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ( (mr->fd = open(filename, O_RDONLY)) == -1 ) {
data/libtpl-1.6.1/src/tpl.c:1815:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(child->data,child->addr,tpl_types[child->type].sz * child->num);
data/libtpl-1.6.1/src/tpl.c:1825:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(str,((tpl_bin*)child->addr)->addr,slen);
data/libtpl-1.6.1/src/tpl.c:1839:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(child->data,&bin,sizeof(tpl_bin*));
data/libtpl-1.6.1/src/tpl.c:1859:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(str,caddr,slen); /* include \0 */
data/libtpl-1.6.1/src/tpl.c:1867:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(cdata,&str,sizeof(char*));
data/libtpl-1.6.1/src/tpl.c:1996:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(caddr,dv,tpl_types[c->type].sz);
data/libtpl-1.6.1/src/tpl.c:2002:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(c->addr, dv, tpl_types[c->type].sz * c->num);
data/libtpl-1.6.1/src/tpl.c:2007:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2015:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (slen>0) memcpy(str,dv,slen);
data/libtpl-1.6.1/src/tpl.c:2016:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&(((tpl_bin*)c->addr)->addr),&str,sizeof(void*));
data/libtpl-1.6.1/src/tpl.c:2017:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&(((tpl_bin*)c->addr)->sz),&slen,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2022:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2031:33: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (slen>1) memcpy(str,dv,slen-1);
data/libtpl-1.6.1/src/tpl.c:2035:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&((char**)c->addr)[fidx],&str,sizeof(char*));
data/libtpl-1.6.1/src/tpl.c:2064:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( &((tpl_atyp*)(c->data))->num, dv, sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2109:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2117:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&slen,dv,sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2140:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( &((tpl_atyp*)(c->data))->num, dv, sizeof(uint32_t));
data/libtpl-1.6.1/src/tpl.c:2169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char exit_msg[100];
data/libtpl-1.6.1/src/tpl.c:2224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char preamble[8];
data/libtpl-1.6.1/src/tpl.c:2245:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&tpllen,&preamble[4],4);
data/libtpl-1.6.1/src/tpl.c:2266:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(*img,preamble,8); /* copy preamble to output buffer */
data/libtpl-1.6.1/src/tpl.c:2293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[TPL_GATHER_BUFLEN], *img, *tpl;
data/libtpl-1.6.1/src/tpl.c:2336:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(img + (*gs)->len, buf, rc);
data/libtpl-1.6.1/src/tpl.c:2354:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&tpllen,&tpl[4],4);
data/libtpl-1.6.1/src/tpl.c:2388:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( (*gs)->img, tpl, img+catlen - tpl);
data/libtpl-1.6.1/src/tpl.c:2421:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(img + (*gs)->len, buf, len);
data/libtpl-1.6.1/src/tpl.c:2439:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&tpllen,&tpl[4],4);
data/libtpl-1.6.1/src/tpl.c:2473:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( (*gs)->img, tpl, img+catlen - tpl);
data/libtpl-1.6.1/tests/other/other1.cpp:10:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[30];
data/libtpl-1.6.1/tests/test106.c:19:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sum2[SUM_LENGTH];
data/libtpl-1.6.1/tests/test106.c:42:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ( (fd=open( filename,O_WRONLY|O_CREAT,perms)) == -1) {
data/libtpl-1.6.1/tests/test106.c:64:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(ms.sums[j].sum2,"Deepak");
data/libtpl-1.6.1/tests/test106.c:91:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ( (fd=open( filename,O_RDONLY,perms)) == -1) {
data/libtpl-1.6.1/tests/test107.c:7:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[4];
data/libtpl-1.6.1/tests/test107.c:17:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[0].i = 0; strcpy(s[0].c, "cat");
data/libtpl-1.6.1/tests/test107.c:18:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[1].i = 1; strcpy(s[1].c, "dog");
data/libtpl-1.6.1/tests/test107.c:19:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[2].i = 2; strcpy(s[2].c, "eel");
data/libtpl-1.6.1/tests/test107.c:20:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[3].i = 3; strcpy(s[3].c, "emu");
data/libtpl-1.6.1/tests/test107.c:21:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[4].i = 4; strcpy(s[4].c, "ant");
data/libtpl-1.6.1/tests/test108.c:12:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[4];
data/libtpl-1.6.1/tests/test108.c:26:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[0].j=0; s[0].i=0; s[0].l1= 0; s[0].l2=0; s[0].h= 0; strcpy(s[0].c, "cat");
data/libtpl-1.6.1/tests/test108.c:27:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[1].j=100; s[1].i=1; s[1].l1=-1; s[1].l2=10; s[1].h=1000; strcpy(s[1].c, "dog");
data/libtpl-1.6.1/tests/test108.c:28:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[2].j=200; s[2].i=2; s[2].l1=-2; s[2].l2=20; s[2].h=2000; strcpy(s[2].c, "eel");
data/libtpl-1.6.1/tests/test108.c:29:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[3].j=300; s[3].i=3; s[3].l1=-3; s[3].l2=30; s[3].h=3000; strcpy(s[3].c, "emu");
data/libtpl-1.6.1/tests/test108.c:30:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    s[4].j=400; s[4].i=4; s[4].l1=-4; s[4].l2=40; s[4].h=4000; strcpy(s[4].c, "ant");
data/libtpl-1.6.1/tests/test112.c:12:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[8];
data/libtpl-1.6.1/tests/test113.c:12:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[8];
data/libtpl-1.6.1/tests/test115.c:23:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[BUF_SIZE];
data/libtpl-1.6.1/tests/test115.c:43:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(s1[i].s, hw, sizeof(hw));
data/libtpl-1.6.1/tests/test115.c:68:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(s2[i].s, hw, sizeof(hw));
data/libtpl-1.6.1/tests/test115.c:96:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(s3[i].s, hw, sizeof(hw));
data/libtpl-1.6.1/tests/test116.c:12:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *strs[NUM_STRS] = {"alpha", "beta", "gamma"};
data/libtpl-1.6.1/tests/test116.c:13:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *STRS[NUM_STRS] = {"femto", "nano", "centi"};
data/libtpl-1.6.1/tests/test117.c:17:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *strs[NUM_STRS];
data/libtpl-1.6.1/tests/test117.c:18:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *STRS[NUM_STRS];
data/libtpl-1.6.1/tests/test117.c:24:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(strs[j], STR, SLEN+1);
data/libtpl-1.6.1/tests/test120.c:8:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char toosmall[10];
data/libtpl-1.6.1/tests/test120.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[60];
data/libtpl-1.6.1/tests/test121.c:7:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *labels[2][3] = { {"one", "two", "three"},
data/libtpl-1.6.1/tests/test121.c:9:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *olabels[2][3] = { {NULL,NULL,NULL }, {NULL,NULL,NULL}};
data/libtpl-1.6.1/tests/test122.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[3];
data/libtpl-1.6.1/tests/test124.c:9:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[LEN];
data/libtpl-1.6.1/tests/test124.c:19:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(t.name,"abcdefghi\0",10);
data/libtpl-1.6.1/tests/test124.c:23:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(t.name,"jklmnopqr\0",10);
data/libtpl-1.6.1/tests/test125.c:8:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buffer[5000]; /* this doesn't matter- just a place to dump to */ data/libtpl-1.6.1/tests/test23.c:20:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fd=open( file,O_RDONLY)) == -1) { data/libtpl-1.6.1/tests/test24.c:16:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fd=open( file,O_RDONLY)) == -1) { data/libtpl-1.6.1/tests/test27.c:18:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fd=open( file,O_RDWR|O_CREAT|O_TRUNC,perms)) == -1) { data/libtpl-1.6.1/tests/test30.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10]; data/libtpl-1.6.1/tests/test30.c:13:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str,"good egg"); data/libtpl-1.6.1/tests/test32.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10]; data/libtpl-1.6.1/tests/test32.c:13:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str,"good egg"); data/libtpl-1.6.1/tests/test51.c:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[FILE_BUFLEN]; data/libtpl-1.6.1/tests/test51.c:40:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fd = open(*f, O_RDONLY) ) == -1) { data/libtpl-1.6.1/tests/test54.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[FILE_BUFLEN]; data/libtpl-1.6.1/tests/test54.c:46:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fd = open(*f, O_RDONLY) ) == -1) { data/libtpl-1.6.1/tests/test56.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[S1_LEN]; data/libtpl-1.6.1/tests/test56.c:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; data/libtpl-1.6.1/tests/test57.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[S1_LEN]; data/libtpl-1.6.1/tests/test57.c:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; data/libtpl-1.6.1/tests/test58.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[S1_LEN]; data/libtpl-1.6.1/tests/test58.c:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; data/libtpl-1.6.1/tests/test59.c:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[S1_LEN]; data/libtpl-1.6.1/tests/test59.c:13:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; data/libtpl-1.6.1/tests/test64.c:7:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10]; data/libtpl-1.6.1/tests/test70.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[2]; data/libtpl-1.6.1/tests/test71.c:8:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[2]; data/libtpl-1.6.1/tests/test72.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[2]; data/libtpl-1.6.1/tests/test73.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[2]; data/libtpl-1.6.1/tests/test73.c:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char y[3]; data/libtpl-1.6.1/tests/test75.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; /* s2 is a byte array */ data/libtpl-1.6.1/tests/test76.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; /* s2 is a byte array */ data/libtpl-1.6.1/tests/test77.c:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[S2_LEN]; /* s2 is a byte array */ data/libtpl-1.6.1/tests/test88.c:5:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[3]; data/libtpl-1.6.1/tests/test89.c:6:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[3]; data/libtpl-1.6.1/src/tpl.c:343:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). root->ser_osz += strlen(fmt) + 1; /* fmt + NUL-terminator */ data/libtpl-1.6.1/src/tpl.c:560:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((tpl_root_data*)(root->data))->fmt = tpl_hook.malloc(strlen(fmt)+1); data/libtpl-1.6.1/src/tpl.c:563:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(((tpl_root_data*)(root->data))->fmt,fmt,strlen(fmt)+1); data/libtpl-1.6.1/src/tpl.c:875:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strp ? (strlen(strp)+1) : 0; data/libtpl-1.6.1/src/tpl.c:944:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz += strp ? strlen(strp) : 0; data/libtpl-1.6.1/src/tpl.c:1087:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dv = tpl_cpv(dv,fmt,strlen(fmt)+1); /* copy format with NUL-term */ data/libtpl-1.6.1/src/tpl.c:1113:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = str ? 
strlen(str)+1 : 0; data/libtpl-1.6.1/src/tpl.c:1365:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). datapeek_flen = strlen(datapeek_f); data/libtpl-1.6.1/src/tpl.c:1855:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = caddr ? (strlen(caddr) + 1) : 0; data/libtpl-1.6.1/src/tpl.c:2229:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read(fd,&preamble[i],8-i); data/libtpl-1.6.1/src/tpl.c:2269:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read(fd,&((*(char**)img)[i]),tpllen-i); data/libtpl-1.6.1/src/tpl.c:2299:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read(fd,buf,TPL_GATHER_BUFLEN); data/libtpl-1.6.1/tests/test112.c:29:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(s[i].c, "abcdefg",8); data/libtpl-1.6.1/tests/test113.c:31:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(s[i].c, "abcdefg",8); data/libtpl-1.6.1/tests/test51.c:44:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = read(fd,&buf,FILE_BUFLEN); /* read whole file (no points for style) */ data/libtpl-1.6.1/tests/test54.c:50:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
rc = read(fd,&buf,FILE_BUFLEN); /* read whole file (no points for style) */ data/libtpl-1.6.1/tests/test56.c:21:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s1, "draco",S1_LEN); data/libtpl-1.6.1/tests/test56.c:22:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s2, "po",S2_LEN); data/libtpl-1.6.1/tests/test56.c:37:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("hs2.s1 length: %d\n", (int)strlen(hs2.s1)); data/libtpl-1.6.1/tests/test56.c:39:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("hs2.s2 length: %d\n", (int)strlen(hs2.s2)); data/libtpl-1.6.1/tests/test57.c:19:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s1, "draco",S1_LEN); data/libtpl-1.6.1/tests/test57.c:20:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s2, "po",S2_LEN); data/libtpl-1.6.1/tests/test58.c:24:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
printf("hs.s1 length: %d\n", (int)strlen(hs.s1)); data/libtpl-1.6.1/tests/test58.c:26:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("hs.s2 length: %d\n", (int)strlen(hs.s2)); data/libtpl-1.6.1/tests/test59.c:22:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s1, "draco",S1_LEN); data/libtpl-1.6.1/tests/test59.c:23:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(hs.s2, "po",S2_LEN); data/libtpl-1.6.1/tests/test59.c:41:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("hs2.s1 length: %d\n", (int)strlen(hs2.s1)); data/libtpl-1.6.1/tests/test59.c:44:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("hs2.s2 length: %d\n", (int)strlen(hs2.s2)); data/libtpl-1.6.1/tests/test64.c:43:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(sh.str, "gamma", 10); data/libtpl-1.6.1/tests/test64.c:45:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
strncpy(sh.str, "delta", 10); data/libtpl-1.6.1/tests/test64.c:61:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bin.sz = strlen("epsilon")+1; data/libtpl-1.6.1/tests/test64.c:64:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bin.sz = strlen("zeta")+1; ANALYSIS SUMMARY: Hits = 178 Lines analyzed = 7030 in approximately 0.23 seconds (30270 lines/second) Physical Source Lines of Code (SLOC) = 5692 Hits@level = [0] 255 [1] 32 [2] 120 [3] 0 [4] 26 [5] 0 Hits@level+ = [0+] 433 [1+] 178 [2+] 146 [3+] 26 [4+] 26 [5+] 0 Hits/KSLOC@level+ = [0+] 76.0717 [1+] 31.272 [2+] 25.65 [3+] 4.56781 [4+] 4.56781 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.