Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/matplotlib-3.3.2/extern/agg24-svn/include/agg_font_cache_manager.h:64:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_font_signature, font_signature);
data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_rbox_ctrl.cpp:62:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&m_items[m_num_items][0], text);
data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_slider_ctrl.cpp:165:17: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, m_label, value());
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:640:37: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fAppPath, "%s", path.Path());
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:735:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:796:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_specific->fFilePath, "%s/%s", m_specific->fAppPath, file_name);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:807:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/%s%s", m_specific->fAppPath, file, img_ext());
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:507:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1142:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1368:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:465:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:640:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:663:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:236:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:550:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:612:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:765:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1303:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1322:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/matplotlib-3.3.2/extern/libqhull/global.c:2119:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, " %s", option);
data/matplotlib-3.3.2/extern/libqhull/random.c:54:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(command, s);
data/matplotlib-3.3.2/extern/libqhull/random.c:86:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, s);
data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:388:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(t+1, t+3); /* remove " t " */
data/matplotlib-3.3.2/extern/libqhull/usermem.c:63:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, args);
data/matplotlib-3.3.2/extern/libqhull/userprintf.c:60:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(fp, fmt, args);
data/matplotlib-3.3.2/extern/libqhull/userprintf_rbox.c:50:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  vfprintf(fp, fmt, args);
data/matplotlib-3.3.2/extern/ttconv/pprdrv.h:45:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  virtual void printf(const char* format, ...);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt2.cpp:246:12: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  stream.printf(pdf_mode ? "%d %d m\n" : "%d %d _m\n",
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt2.cpp:252:12: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  stream.printf(pdf_mode ? "%d %d l\n" : "%d %d _l\n",
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:23:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(format, arg_list);
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:30:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void TTStreamWriter::printf(const char* format, ...)
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:39:14: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int size = vsnprintf(buffer, PRINTF_BUFFER_SIZE, format, arg_list);
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:46:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(buffer2, size, format, arg_list);
data/matplotlib-3.3.2/extern/libqhull/user.h:259:22: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define qh_RANDOMint random()
data/matplotlib-3.3.2/extern/libqhull/user.h:260:30: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define qh_RANDOMseed_(seed) srandom(seed);
data/matplotlib-3.3.2/extern/libqhull/user.h:269:30: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define qh_RANDOMseed_(seed) srand((unsigned)seed);
data/matplotlib-3.3.2/extern/libqhull/user.h:274:30: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define qh_RANDOMseed_(seed) srand((unsigned)seed);
data/matplotlib-3.3.2/extern/libqhull/user.h:278:22: [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define qh_RANDOMint lrand48()
data/matplotlib-3.3.2/extern/libqhull/user.h:288:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #error: unknown random option
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:56:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, c, sizeof(T) * Size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:61:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, c, sizeof(T) * Size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:124:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * m_size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:138:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * m_size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:249:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, m_array, m_size * sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:272:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:280:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(v.m_size) memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:287:20: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(m_size) memcpy(ptr, m_array, m_size * sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:296:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(byte_size) memcpy(m_array, data, byte_size * sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:589:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:606:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:623:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_blocks,
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:723:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &(*this)[i], sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:737:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, data, sizeof(T));
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:760:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&((*this)[start + i]), data, sizeof(T)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:765:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, data, sizeof(T)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:868:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_blocks, data/matplotlib-3.3.2/extern/agg24-svn/include/agg_blur.h:1358:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r1, r0, w * sizeof(pixel_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_blur.h:1372:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r2, r1, w * sizeof(pixel_type)); // duplicate bottom row data/matplotlib-3.3.2/extern/agg24-svn/include/agg_font_cache_manager.h:175:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_fonts, data/matplotlib-3.3.2/extern/agg24-svn/include/agg_gsv_text.h:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_chr[2]; data/matplotlib-3.3.2/extern/agg24-svn/include/agg_path_storage.h:311:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(new_coords, data/matplotlib-3.3.2/extern/agg24-svn/include/agg_path_storage.h:315:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_cmds, data/matplotlib-3.3.2/extern/agg24-svn/include/agg_path_storage_integer.h:125:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, &m_storage[i], sizeof(vertex_integer_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_path_storage_integer.h:267:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&v, m_ptr, sizeof(vertex_integer_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_pixfmt_amask_adaptor.h:57:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&m_span[0], covers, len * sizeof(cover_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_rasterizer_cells_aa.h:483:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_cells, m_cells, m_max_blocks * sizeof(cell_type*)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_rendering_buffer.h:108:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(row_ptr(0, y, w), src.row_ptr(y), l); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_rendering_buffer.h:238:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(row_ptr(0, y, w), src.row_ptr(y), l); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_p.h:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_cover_ptr, covers, len * sizeof(cover_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_p.h:262:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_cover_ptr, covers, len * sizeof(cover_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_storage_aa.h:100:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, cells, sizeof(T) * num_cells); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_storage_aa.h:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s.ptr, cells, sizeof(T) * num_cells); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_storage_aa.h:147:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst.ptr, src.ptr, dst.len * sizeof(T)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_storage_aa.h:482:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, covers, sizeof(T)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_storage_aa.h:487:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data, covers, unsigned(sp.len) * sizeof(T)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_u.h:171:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&m_covers[x], covers, len * sizeof(cover_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_scanline_u.h:386:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&m_covers[x], covers, len * sizeof(cover_type)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_trans_viewport.h:205:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, this, sizeof(*this)); data/matplotlib-3.3.2/extern/agg24-svn/include/agg_trans_viewport.h:210:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this, ptr, sizeof(*this)); data/matplotlib-3.3.2/extern/agg24-svn/include/ctrl/agg_cbox_ctrl.h:65:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_label[128]; data/matplotlib-3.3.2/extern/agg24-svn/include/ctrl/agg_gamma_spline.h:79:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char m_gamma[256]; data/matplotlib-3.3.2/extern/agg24-svn/include/ctrl/agg_slider_ctrl.h:80:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_label[64]; data/matplotlib-3.3.2/extern/agg24-svn/include/platform/agg_platform_support.h:674:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_caption[256]; data/matplotlib-3.3.2/extern/agg24-svn/src/agg_gsv_text.cpp:547:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* fd = fopen(file, "rb"); data/matplotlib-3.3.2/extern/agg24-svn/src/agg_gsv_text.cpp:579:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&m_text_buf[0], text, new_size); data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_cbox_ctrl.cpp:54:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_label, l, len); data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_gamma_ctrl.cpp:130:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tbuf[32]; data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_gamma_ctrl.cpp:243:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tbuf, "%5.3f %5.3f %5.3f %5.3f", kx1, ky1, kx2, ky2); data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_slider_ctrl.cpp:108:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_label, fmt, len); data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_slider_ctrl.cpp:164:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:613:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:801:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char key_buf[BUF_SIZE]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:706:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fAppPath[B_PATH_NAME_LENGTH]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fFilePath[B_PATH_NAME_LENGTH]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:722:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_caption, "Anti-Grain Geometry Application"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/BeOS/agg_platform_support.cpp:806:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[B_PATH_NAME_LENGTH]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:493:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_caption, "AGG Application"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1141:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1146:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, ".ppm"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1149:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* fd = fopen(buf, "rb"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1174:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned width = atoi(ptr); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1187:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned height = atoi(ptr); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1195:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(ptr) != 255) data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1367:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1372:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, ".ppm"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1375:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* fd = fopen(buf, "wb"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:450:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_caption, "Anti-Grain Geometry Application"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:639:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:648:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:662:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:671:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:221:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_caption, "Anti-Grain Geometry Application"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:549:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:554:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:611:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:616:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:750:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_caption, "Anti-Grain Geometry Application"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1302:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1307:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1321:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[1024]; data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1326:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".bmp"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1640:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(argv_ptr, tok.ptr, tok.len); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_win32_bmp.cpp:417:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(buf, m_buf, m_bmp->bmiHeader.biSizeImage); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_win32_bmp.cpp:500:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fd = fopen(filename, "rb"); data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_win32_bmp.cpp:535:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fd = fopen(filename, "wb"); data/matplotlib-3.3.2/extern/libqhull/geom2.c:39:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)newpoints, (char *)points, (size_t)size); /* newpoints!=0 by QH6004 */ data/matplotlib-3.3.2/extern/libqhull/global.c:1325:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[qh_FILENAMElen]; data/matplotlib-3.3.2/extern/libqhull/global.c:1345:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[qh_FILENAMElen]; data/matplotlib-3.3.2/extern/libqhull/global.c:1908:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(qh qhull, "qhull"); data/matplotlib-3.3.2/extern/libqhull/global.c:2116:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/matplotlib-3.3.2/extern/libqhull/global.c:2121:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf+strlen(buf), " %d", *i); data/matplotlib-3.3.2/extern/libqhull/global.c:2123:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf+strlen(buf), " %2.2g", *r); data/matplotlib-3.3.2/extern/libqhull/io.c:3595:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *t, firstline[qh_MAXfirst+1]; data/matplotlib-3.3.2/extern/libqhull/libqhull.h:598:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qhull_command[256];/* command line that invoked this program */ data/matplotlib-3.3.2/extern/libqhull/libqhull.h:600:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rbox_command[256]; /* command line that produced the input points */ data/matplotlib-3.3.2/extern/libqhull/libqhull.h:601:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qhull_options[512];/* descriptive list of options */ data/matplotlib-3.3.2/extern/libqhull/libqhull.h:655:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qhull[sizeof("qhull")]; /* "qhull" for checking ownership while debugging */ data/matplotlib-3.3.2/extern/libqhull/libqhull.h:657:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jmpXtra[40]; /* extra bytes in case jmp_buf is defined wrong by compiler */ data/matplotlib-3.3.2/extern/libqhull/libqhull.h:659:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jmpXtra2[40]; /* extra bytes in case jmp_buf is defined wrong by compiler*/ data/matplotlib-3.3.2/extern/libqhull/poly2.c:2988:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((char *)newfacet->normal, facetA->normal, qh normal_size); data/matplotlib-3.3.2/extern/libqhull/poly2.c:2994:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)newfacet->center, facetA->center, qh center_size); data/matplotlib-3.3.2/extern/libqhull/qset.c:186:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)&((*setp)->e[size].p), (char *)&(setA->e[0].p), (size_t)(sizeA+1) * SETelemsize); data/matplotlib-3.3.2/extern/libqhull/qset.c:319:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)&(newset->e[0].p), (char *)&(set->e[0].p), (size_t)(size+1) * SETelemsize); data/matplotlib-3.3.2/extern/libqhull/qset.c:551:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newElem, elem, (size_t)elemsize); data/matplotlib-3.3.2/extern/libqhull/qset.c:869:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)newp, (char *)oldp, (size_t)(size+1) * SETelemsize); data/matplotlib-3.3.2/extern/libqhull/qset.c:1004:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)newp, (char *)oldp, (size_t)nth * SETelemsize); data/matplotlib-3.3.2/extern/libqhull/qset.c:1032:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((char *)newp, (char *)oldp, (size_t)tailsize * SETelemsize); data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:60:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jmpXtra[40]; /* extra bytes in case jmp_buf is defined wrong by compiler */ data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:108:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[200], seedbuf[200]; data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:384:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(seedbuf, " t%d", seed); /* appends an extra t, not worth removing */ data/matplotlib-3.3.2/extern/libqhull/stat.h:505:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char id[ZEND+10]; /* id's in print order */ data/matplotlib-3.3.2/extern/libqhull/stat.h:506:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  const char *doc[ZEND]; /* array of documentation strings */
data/matplotlib-3.3.2/extern/libqhull/stat.h:508:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[ZEND]; /* type, see ztypes above */
data/matplotlib-3.3.2/extern/libqhull/stat.h:509:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printed[ZEND]; /* true, if statistic has been printed */
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:216:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(*ptr, "unknown");
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:999:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char temp[80];
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:1264:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (font.file = fopen(filename,"rb")) == (FILE*)NULL )
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:34:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[PRINTF_BUFFER_SIZE];
data/matplotlib-3.3.2/extern/ttconv/ttutil.cpp:58:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[2];
data/matplotlib-3.3.2/src/_backend_agg.cpp:14:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, data, height * stride);
data/matplotlib-3.3.2/src/_image.h:89:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(position, oldposition, rowsize * sizeof(unsigned char));
data/matplotlib-3.3.2/src/_image.h:98:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(position, inposition, 4 * sizeof(unsigned char));
data/matplotlib-3.3.2/src/_image.h:187:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(position, (const unsigned char *)bg.data(), 4 * sizeof(unsigned char));
data/matplotlib-3.3.2/src/_path.h:825:61: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return fabs(a-b) <= fmax(rtol * fmax(fabs(a), fabs(b)), atol);
data/matplotlib-3.3.2/src/_path_wrapper.cpp:20:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(subresult.data(), &poly[0], sizeof(double) * poly.size() * 2);
data/matplotlib-3.3.2/src/_path_wrapper.cpp:363:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pyresult.data(), &result[0], result.size() * sizeof(int));
data/matplotlib-3.3.2/src/_path_wrapper.cpp:669:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pyvertices.data(), &vertices[0], sizeof(double) * 2 * length);
data/matplotlib-3.3.2/src/_path_wrapper.cpp:670:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pycodes.data(), &codes[0], sizeof(unsigned char) * length);
data/matplotlib-3.3.2/src/_path_wrapper.cpp:687:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *codes[5];
data/matplotlib-3.3.2/src/ft2font_wrapper.cpp:389:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, tmpbuf, n_read);
data/matplotlib-3.3.2/src/ft2font_wrapper.cpp:482:56: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  || !(self->py_file = PyObject_CallFunction(open, "Os", filename, "rb"))) {
data/matplotlib-3.3.2/src/ft2font_wrapper.cpp:899:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[128];
data/matplotlib-3.3.2/src/ft2font_wrapper.cpp:1716:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version_string[64];
data/matplotlib-3.3.2/src/ft2font_wrapper.cpp:1719:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(version_string, "%d.%d.%d", major, minor, patch);
data/matplotlib-3.3.2/src/qhull_wrap.c:138:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  error_file = fopen(STRINGIFY(MPL_DEVNULL), "w");
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:1031:50: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126).
  This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  unsigned remove_duplicates(Array& arr, Equal equal)
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_array.h:1039:17: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(e, arr[i - 1]))
data/matplotlib-3.3.2/extern/agg24-svn/include/agg_font_cache_manager.h:63:60: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_font_signature = (char*)m_allocator.allocate(strlen(font_signature) + 1);
data/matplotlib-3.3.2/extern/agg24-svn/src/agg_gsv_text.cpp:574:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned new_size = strlen(text) + 1;
data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_cbox_ctrl.cpp:52:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(l);
data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_rbox_ctrl.cpp:61:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_items[m_num_items].resize(strlen(text) + 1);
data/matplotlib-3.3.2/extern/agg24-svn/src/ctrl/agg_slider_ctrl.cpp:106:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(fmt);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:404:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  std::strncpy(m_caption, "Anti-Grain Geometry", 256);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:416:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  std::strncpy(m_caption, cap, 256);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:614:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  std::strncpy(fn, file, 1024);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:615:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = std::strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/AmigaOS/agg_platform_support.cpp:618:10: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string.
  std::strncat(fn, ".bmp", 1024);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:250:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tp.nitems = strlen(capt);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1143:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/X11/agg_platform_support.cpp:1369:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:641:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/mac/agg_platform_support.cpp:664:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:551:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/sdl/agg_platform_support.cpp:613:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1304:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1323:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1466:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_sep_len(sep ? strlen(sep) : 0),
data/matplotlib-3.3.2/extern/agg24-svn/src/platform/win32/agg_platform_support.cpp:1621:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* argv_str = new char [strlen(lpszCmdLine) + 3];
data/matplotlib-3.3.2/extern/libqhull/global.c:94:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*hiddenflags != ' ' || hiddenflags[strlen(hiddenflags)-1] != ' ') {
data/matplotlib-3.3.2/extern/libqhull/global.c:152:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  chkerr[strlen(chkerr)-1]= '\'';
data/matplotlib-3.3.2/extern/libqhull/global.c:216:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qh qhull_commandsiz2= (int)strlen(qh qhull_command); /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/global.c:221:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qh qhull_optionsiz2= (int)strlen(qh qhull_options); /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/global.c:628:7: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(qh qhull_command, command, sizeof(qh qhull_command)-strlen(qh qhull_command)-1);
data/matplotlib-3.3.2/extern/libqhull/global.c:628:67: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(qh qhull_command, command, sizeof(qh qhull_command)-strlen(qh qhull_command)-1);
data/matplotlib-3.3.2/extern/libqhull/global.c:741:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(qh feasible_string, start, (size_t)(t-start));
data/matplotlib-3.3.2/extern/libqhull/global.c:2121:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(buf+strlen(buf), " %d", *i);
data/matplotlib-3.3.2/extern/libqhull/global.c:2123:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(buf+strlen(buf), " %2.2g", *r);
data/matplotlib-3.3.2/extern/libqhull/global.c:2124:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len= (int)strlen(buf); /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/global.c:2130:5: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character.
  strncat(qh qhull_options, "\n", (size_t)(maxlen--));
data/matplotlib-3.3.2/extern/libqhull/global.c:2132:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(qh qhull_options, buf, (size_t)maxlen);
data/matplotlib-3.3.2/extern/libqhull/io.c:200:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(filename, source, length);
data/matplotlib-3.3.2/extern/libqhull/io.c:3698:9: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(qh rbox_command, s, sizeof(qh rbox_command)-1);
data/matplotlib-3.3.2/extern/libqhull/io.c:3716:11: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(qh rbox_command, s, sizeof(qh rbox_command)-1);
data/matplotlib-3.3.2/extern/libqhull/io.c:3828:10: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(qh rbox_command, s, sizeof(qh rbox_command)-1);
data/matplotlib-3.3.2/extern/libqhull/io.c:3932:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qh rbox_command[strlen(qh rbox_command)-1]= '\0';
data/matplotlib-3.3.2/extern/libqhull/libqhull.c:318:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  qh qhull_optionsiz= (int)strlen(qh qhull_options); /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/random.c:53:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int)strlen(s) < max_size) /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/random.c:63:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  remaining= max_size - (int)strlen(command) - (int)strlen(s) - 2; /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/random.c:63:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  remaining= max_size - (int)strlen(command) - (int)strlen(s) - 2; /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/random.c:65:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *t= command + strlen(command);
data/matplotlib-3.3.2/extern/libqhull/random.c:85:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
  strcat(command, " ");
data/matplotlib-3.3.2/extern/libqhull/random.c:111:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  count += (int)strlen(argv[i]) + 1; /* WARN64 */
data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:131:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(command, rbox_command, sizeof(command)-strlen(command)-1);
data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:131:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(command, rbox_command, sizeof(command)-strlen(command)-1);
data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:385:5: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(command, seedbuf, sizeof(command)-strlen(command)-1);
data/matplotlib-3.3.2/extern/libqhull/rboxlib.c:385:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(command, seedbuf, sizeof(command)-strlen(command)-1);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:215:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *ptr = (char*) calloc(sizeof(char), strlen("unknown")+1);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:248:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->Copyright,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:264:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->FamilyName,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:280:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->Style,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:296:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->FullName,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:312:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->Version,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:328:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->PostName,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:358:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(font->Trademark,(const char*)strings+offset,length);
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:731:23: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (c = fgetc(font->file)) == EOF ) {
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:915:27: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (c = fgetc(font->file)) == EOF )
data/matplotlib-3.3.2/extern/ttconv/pprdrv_tt.cpp:1044:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(temp,ptr,len); /* Copy the pascal string into */
data/matplotlib-3.3.2/src/_ttconv.cpp:48:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  decoded = PyUnicode_DecodeLatin1(a, strlen(a), "");

ANALYSIS SUMMARY:

Hits = 238
Lines analyzed = 124188 in approximately 3.36 seconds (36925 lines/second)
Physical Source Lines of Code (SLOC) = 86924
Hits@level = [0] 66 [1] 63 [2] 136 [3] 6 [4] 33 [5] 0
Hits@level+ = [0+] 304 [1+] 238 [2+] 175 [3+] 39 [4+] 33 [5+] 0
Hits/KSLOC@level+ = [0+] 3.49731 [1+] 2.73802 [2+] 2.01325 [3+] 0.448668 [4+] 0.379642 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.