Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mapcode-2.5.5/mapcodelib/internal_alphabet_recognizer.h
Examining data/mapcode-2.5.5/mapcodelib/internal_data.h
Examining data/mapcode-2.5.5/mapcodelib/internal_iso3166_data.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_alphabets.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_af.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_ar.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_be.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_cn.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_cs.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_da.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_de.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_en.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_es.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_fi.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_fr.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_he.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_hi.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_hr.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_id.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_it.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_ja.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_ko.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_local.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_nl.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_no.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_pl.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_pt.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_ru.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_sv.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_sw.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_tr.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_names_uk.h
Examining data/mapcode-2.5.5/mapcodelib/internal_territory_search.h
Examining data/mapcode-2.5.5/mapcodelib/mapcode_alphabets.h
Examining data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c
Examining data/mapcode-2.5.5/mapcodelib/mapcode_legacy.h
Examining data/mapcode-2.5.5/mapcodelib/mapcode_territories.h
Examining data/mapcode-2.5.5/mapcodelib/mapcoder.c
Examining data/mapcode-2.5.5/mapcodelib/mapcoder.h
Examining data/mapcode-2.5.5/test/decode_test.h
Examining data/mapcode-2.5.5/test/test_territories.h
Examining data/mapcode-2.5.5/test/unittest.c
Examining data/mapcode-2.5.5/utility/mapcode.cpp

FINAL RESULTS:

data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:101:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(romanized, "%s%s%s%s%s",
data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:108:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(asciiBuffer, romanized);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1262:33:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                                strcpy(s, result);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1266:33:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                                strcat(s, result);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1513:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(result, input);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1634:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(input, dec->mapcode);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1635:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(input + dc, dec->mapcode + dc + 1);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1653:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(result, input);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2833:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(territoryISO, hyphen + 1);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2835:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(territoryISO, alphaCode);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3063:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(mapcode, rlocal.mapcode[0]);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3078:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(mapcode, mapcodes.mapcode[indexOfSelected]);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3186:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(territoryName, territoryNamesPiped);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3202:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(territoryName, territoryNamesPiped); // no bracket, return it all
data/mapcode-2.5.5/test/unittest.c:74:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(asciiBuffer, "%s%s%s%s%s",
data/mapcode-2.5.5/test/unittest.c:516:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(romanized1, "%s %s%s%s (%d;%d)",
data/mapcode-2.5.5/test/unittest.c:532:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(romanized2, "%s %s%s%s",
data/mapcode-2.5.5/test/unittest.c:635:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(clean, territory);
data/mapcode-2.5.5/test/unittest.c:870:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(alphacode, alphaCode);
data/mapcode-2.5.5/test/unittest.c:2013:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf(format, a);
data/mapcode-2.5.5/utility/mapcode.cpp:538:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(fullcode, ALPHA_SEARCH[a].alphaCode);
data/mapcode-2.5.5/utility/mapcode.cpp:544:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                        strcpy(fullcode + 3, ALPHA_SEARCH[a].alphaCode + 1);
data/mapcode-2.5.5/utility/mapcode.cpp:678:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(mapcode, mapcodeForCSV[m]);
data/mapcode-2.5.5/utility/mapcode.cpp:679:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(mapcode, (variant == 1) ? "-bc" : (variant == 2) ? "-DFGHJKLM" : "");
data/mapcode-2.5.5/utility/mapcode.cpp:784:13:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        if (random) {
data/mapcode-2.5.5/utility/mapcode.cpp:787:17:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                srand((unsigned int) seed);
data/mapcode-2.5.5/utility/mapcode.cpp:789:17:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                srand((unsigned int) time(0));
data/mapcode-2.5.5/utility/mapcode.cpp:806:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            if (random) {
data/mapcode-2.5.5/mapcodelib/internal_data.h:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *ISO3166_ALPHA[_TERRITORY_MAX - _TERRITORY_MIN - 1] = {
data/mapcode-2.5.5/mapcodelib/internal_iso3166_data.h:28:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char PARENT_LETTER[_TERRITORY_MAX - _TERRITORY_MIN] = {
data/mapcode-2.5.5/mapcodelib/internal_iso3166_data.h:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char PARENT_NUMBER[_TERRITORY_MAX - _TERRITORY_MIN] = {
data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:27:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char GLOBAL_MAKEISO_BUFFER[2 * (MAX_ISOCODE_LEN + 1)];
data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:73:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char GLOBAL_ASCII_BUFFER[MAX_MAPCODE_RESULT_LEN];
data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:100:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char romanized[MAX_MAPCODE_RESULT_LEN];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:193:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char ENCODE_CHARS[34] = {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:203:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const signed char decode_chars[256] = {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:315:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char DOUBLE_NAN[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F};     // NAN (Not a Number)
data/mapcode-2.5.5/mapcodelib/mapcoder.c:316:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char DOUBLE_INF[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xF0, 0x7F};     // +Infinity
data/mapcode-2.5.5/mapcodelib/mapcoder.c:317:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char DOUBLE_MIN_INF[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xF0, 0xFF}; // -Infinity
data/mapcode-2.5.5/mapcodelib/mapcoder.c:511:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(targetString, sourceString, (size_t) nrCharacters);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:651:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char country[4];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1225:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char result[128];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1503:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char result[MAX_PROPER_MAPCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1622:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char input[8];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1652:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char result[32];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2383:45:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                                            memcpy(&prevu, TERRITORY_BOUNDARY(j), sizeof(TerritoryBoundary));
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2672:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(targetAsciiString + totalLen, rest, (size_t) tocopy);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2717:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char targetAsciiString[MAX_MAPCODE_RESULT_ASCII_LEN] = "";
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2718:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char abjadString[MAX_MAPCODE_RESULT_ASCII_LEN] = "";
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2903:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codeISO[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3001:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(mapcodeElements, &dec.mapcodeElements, sizeof(MapcodeElements));
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3035:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(mapcodeElements, &dec.mapcodeElements, sizeof(MapcodeElements));
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3147:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char localeUpper[4] = "";           // Default locale is empty (which implies 'fallback').
data/mapcode-2.5.5/mapcodelib/mapcoder.h:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mapcode[MAX_NR_OF_MAPCODE_RESULTS][MAX_MAPCODE_RESULT_ASCII_LEN];   // The mapcodes.
data/mapcode-2.5.5/mapcodelib/mapcoder.h:110:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char territoryISO[MAX_ISOCODE_ASCII_LEN + 1];           // The (trimmed and uppercased) territory code, from the input.
data/mapcode-2.5.5/mapcodelib/mapcoder.h:112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char properMapcode[MAX_PROPER_MAPCODE_ASCII_LEN + 1];   // The (romanised) mapcode excl. territory or extension.
data/mapcode-2.5.5/mapcodelib/mapcoder.h:114:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char precisionExtension[MAX_PRECISION_DIGITS + 1];      // The (romanised) extension (excluding the hyphen).
data/mapcode-2.5.5/test/unittest.c:494:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char utf8[MAX_MAPCODE_RESULT_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:505:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char romanized1[MAX_MAPCODE_RESULT_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:531:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char romanized2[MAX_MAPCODE_RESULT_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:586:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char clean[MAX_MAPCODE_RESULT_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:603:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char territory[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:614:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(territory, s, (size_t) len);
data/mapcode-2.5.5/test/unittest.c:642:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(clean + i, s, (size_t) len);
data/mapcode-2.5.5/test/unittest.c:865:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nam[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:868:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char alphacode[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:905:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nam[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1327:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s1[1];
data/mapcode-2.5.5/test/unittest.c:1328:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char largeString[16000];
data/mapcode-2.5.5/test/unittest.c:1515:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s1[1];
data/mapcode-2.5.5/test/unittest.c:1516:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char largeString[16000];
data/mapcode-2.5.5/test/unittest.c:1588:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(csvName, "r");
data/mapcode-2.5.5/test/unittest.c:1593:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char line[MAXLINESIZE];
data/mapcode-2.5.5/test/unittest.c:1602:59:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    csvTerritoryCode = TERRITORY_OF_INDEX(atoi(s));
data/mapcode-2.5.5/test/unittest.c:1641:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                                (atoi(s) != territoryAlphabet->alphabet[csvNrAlphabets - 1])) {
data/mapcode-2.5.5/test/unittest.c:1644:74:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                                       csvNrAlphabets, csvTerritoryCode, atoi(s));
data/mapcode-2.5.5/test/unittest.c:1666:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                char territoryName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1701:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char result[MAX_MAPCODE_RESULT_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1716:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mapcode[MAX_MAPCODE_RESULT_ASCII_LEN];
data/mapcode-2.5.5/test/unittest.c:1767:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char gotName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1771:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1778:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1792:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char gotName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1796:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1803:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1816:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char gotName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1820:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1827:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1844:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char territoryName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1024]; // large so we can test overflow
data/mapcode-2.5.5/test/unittest.c:1862:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char expectedLocalName[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1878:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1898:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1909:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char territoryNameLocal[MAX_TERRITORY_FULLNAME_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:1911:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char s[MAX_ISOCODE_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:2115:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char dec[MAX_MAPCODE_RESULT_ASCII_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:2121:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char utf8[MAX_MAPCODE_RESULT_UTF8_LEN + 1];
data/mapcode-2.5.5/test/unittest.c:2151:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s1[1];
data/mapcode-2.5.5/test/unittest.c:2152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char largeString1[20000];
data/mapcode-2.5.5/test/unittest.c:2153:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char largeString2[10000];
data/mapcode-2.5.5/utility/mapcode.cpp:530:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char territoryName[MAX_MAPCODE_RESULT_ASCII_LEN];
data/mapcode-2.5.5/utility/mapcode.cpp:537:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char fullcode[16];
data/mapcode-2.5.5/utility/mapcode.cpp:542:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(fullcode, &parents2[p * 3 - 3], 2);
data/mapcode-2.5.5/utility/mapcode.cpp:675:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char asciiString[128];
data/mapcode-2.5.5/utility/mapcode.cpp:677:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char mapcode[128];
data/mapcode-2.5.5/utility/mapcode.cpp:702:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            extraDigits = atoi(argv[2]);
data/mapcode-2.5.5/utility/mapcode.cpp:769:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int nrOfPoints = atoi(argv[2]);
data/mapcode-2.5.5/utility/mapcode.cpp:776:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            extraDigits = atoi(argv[3]);
data/mapcode-2.5.5/utility/mapcode.cpp:786:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                const int seed = atoi(argv[4]);
data/mapcode-2.5.5/mapcodelib/mapcode_legacy.c:107:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((int) strlen(romanized) < maxLength) {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:519:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int sourceLength = (int) strlen(sourceString);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:654:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ASSERT(s && ((int) strlen(s) >= len));
data/mapcode-2.5.5/mapcodelib/mapcoder.c:796:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *s = result + strlen(result);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:843:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ASSERT((int) strlen(s) == extraDigits);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1265:33:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                                strcat(s, " ");
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1383:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(extrapostfix) > MAX_PRECISION_DIGITS) {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1501:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int codexlen = (int) (strlen(input) - 1);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1624:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int codexlen = (int) (strlen(dec->mapcode) - 1);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1852:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (int) strlen(s);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1954:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = (int) strlen(s);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:1956:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memmove(s + len, postfix, strlen(postfix) + 1);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2257:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if ((mapcodeElements->territoryCode == TERRITORY_MEX) && (strlen(mapcodeElements->properMapcode) < 8)) {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2306:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    codex = dec->mapcodeElements.indexOfDot * 9 + (int) strlen(dec->mapcodeElements.properMapcode) - 1;
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2509:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (int) strlen(sourceAsciiString);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2524:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (int) strlen(targetAsciiString);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2665:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int totalLen = (int) strlen(targetAsciiString);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2666:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int needed = (int) strlen(rest);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2753:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int len = (int) strlen(asciiString);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:2802:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(mapcodeString) < MAX_MAPCODE_RESULT_ASCII_LEN) {
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3146:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int upTo = (int) strlen(locale);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3185:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                ASSERT(strlen(territoryNamesPiped) <= MAX_TERRITORY_FULLNAME_UTF8_LEN);
data/mapcode-2.5.5/mapcodelib/mapcoder.c:3201:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ASSERT(strlen(territoryNamesPiped) <= MAX_TERRITORY_FULLNAME_UTF8_LEN);
data/mapcode-2.5.5/test/unittest.c:629:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = (int) strlen(s);
data/mapcode-2.5.5/test/unittest.c:633:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = (int) strlen(territory);
data/mapcode-2.5.5/test/unittest.c:636:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(clean, " ");
data/mapcode-2.5.5/test/unittest.c:647:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            precision = (int) strlen(s + 1);
data/mapcode-2.5.5/test/unittest.c:867:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i <= strlen(alphaCode); i++) {
data/mapcode-2.5.5/test/unittest.c:1875:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = (int) strlen(territoryName);
data/mapcode-2.5.5/test/unittest.c:2187:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(ps) < (sizeof(largeString1) / sizeof(largeString1[0])),
data/mapcode-2.5.5/test/unittest.c:2196:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(ps) < (sizeof(largeString2) / sizeof(largeString2[0])),
data/mapcode-2.5.5/utility/mapcode.cpp:437:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    extraDigits = (int) (strlen(suffix) - 1);
data/mapcode-2.5.5/utility/mapcode.cpp:579:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    e = s + strlen(s);

ANALYSIS SUMMARY:

Hits = 141
Lines analyzed = 60121 in approximately 2.77 seconds (21738 lines/second)
Physical Source Lines of Code (SLOC) = 57516
Hits@level = [0] 204 [1]  33 [2]  80 [3]   4 [4]  24 [5]   0
Hits@level+ = [0+] 345 [1+] 141 [2+] 108 [3+]  28 [4+]  24 [5+]   0
Hits/KSLOC@level+ = [0+] 5.99833 [1+] 2.45149 [2+] 1.87774 [3+] 0.486821 [4+] 0.417275 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.