Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/medusa-2.2/src/listModules.c
Examining data/medusa-2.2/src/medusa-net.h
Examining data/medusa-2.2/src/medusa-thread-pool.c
Examining data/medusa-2.2/src/medusa-thread-pool.h
Examining data/medusa-2.2/src/medusa-thread-ssl.h
Examining data/medusa-2.2/src/medusa-trace.c
Examining data/medusa-2.2/src/medusa-trace.h
Examining data/medusa-2.2/src/medusa-utils.c
Examining data/medusa-2.2/src/medusa-utils.h
Examining data/medusa-2.2/src/modsrc/afp.c
Examining data/medusa-2.2/src/modsrc/cvs.c
Examining data/medusa-2.2/src/modsrc/d3des.c
Examining data/medusa-2.2/src/modsrc/d3des.h
Examining data/medusa-2.2/src/modsrc/ftp.c
Examining data/medusa-2.2/src/modsrc/hmacmd5.c
Examining data/medusa-2.2/src/modsrc/hmacmd5.h
Examining data/medusa-2.2/src/modsrc/http-digest.c
Examining data/medusa-2.2/src/modsrc/http-digest.h
Examining data/medusa-2.2/src/modsrc/http.c
Examining data/medusa-2.2/src/modsrc/imap.c
Examining data/medusa-2.2/src/modsrc/module.h
Examining data/medusa-2.2/src/modsrc/mssql.c
Examining data/medusa-2.2/src/modsrc/mysql.c
Examining data/medusa-2.2/src/modsrc/ncp.c
Examining data/medusa-2.2/src/modsrc/ntlm.h
Examining data/medusa-2.2/src/modsrc/pcanywhere.c
Examining data/medusa-2.2/src/modsrc/pop3.c
Examining data/medusa-2.2/src/modsrc/postgres.c
Examining data/medusa-2.2/src/modsrc/rdp.c
Examining data/medusa-2.2/src/modsrc/rexec.c
Examining data/medusa-2.2/src/modsrc/rlogin.c
Examining data/medusa-2.2/src/modsrc/rsh.c
Examining data/medusa-2.2/src/modsrc/sha1.c
Examining data/medusa-2.2/src/modsrc/sha1.h
Examining data/medusa-2.2/src/modsrc/smtp-vrfy.c
Examining data/medusa-2.2/src/modsrc/smtp.c
Examining data/medusa-2.2/src/modsrc/snmp.c
Examining data/medusa-2.2/src/modsrc/ssh.c
Examining data/medusa-2.2/src/modsrc/svn.c
Examining data/medusa-2.2/src/modsrc/telnet.c
Examining data/medusa-2.2/src/modsrc/vmauthd.c
Examining data/medusa-2.2/src/modsrc/web-form.c
Examining data/medusa-2.2/src/modsrc/vnc.c
Examining data/medusa-2.2/src/modsrc/nntp.c
Examining data/medusa-2.2/src/modsrc/ntlm.c
Examining data/medusa-2.2/src/modsrc/smbnt.c
Examining data/medusa-2.2/src/modsrc/wrapper.c
Examining data/medusa-2.2/src/test/max_thread_test.c
Examining data/medusa-2.2/src/uthash.h
Examining data/medusa-2.2/src/medusa-thread-ssl.c
Examining data/medusa-2.2/src/medusa.c
Examining data/medusa-2.2/src/medusa.h
Examining data/medusa-2.2/src/medusa-net.c

FINAL RESULTS:

data/medusa-2.2/src/medusa-trace.c:50:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    vsnprintf(buf, sizeof(buf) - 1, pMsg, ap);
data/medusa-2.2/src/medusa-trace.c:141:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    vsnprintf(buf, sizeof(buf), pMsg, ap);
data/medusa-2.2/src/medusa-utils.c:183:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (t1, "%s:%s", user, passwd);
data/medusa-2.2/src/medusa-utils.c:226:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    len = vsnprintf(buf, buflen, fmt, ap);
data/medusa-2.2/src/modsrc/afp.c:92:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/afp.c:349:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, LIBAFP_WARNING);
data/medusa-2.2/src/modsrc/cvs.c:80:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/cvs.c:323:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(szAuth, "BEGIN VERIFICATION REQUEST\n%s\n%s\nA%s\nEND VERIFICATION REQUEST\n", _psSessionData->szDir, szLogin, szPassTmp);
data/medusa-2.2/src/modsrc/ftp.c:88:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/http.c:99:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/http.c:300:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(_psSessionData->szHostHeader, "%s:%d", _psLogin->psServer->psHost->pHost, params.nPort);
data/medusa-2.2/src/modsrc/http.c:412:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:475:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szLoginDomain, "%s\\%s", _psSessionData->szDomain, szLogin);
data/medusa-2.2/src/modsrc/http.c:494:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nAuthorization: Basic %s\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:539:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nAuthorization: NTLM %s\r\nConnection: keep-alive\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:602:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nAuthorization: NTLM %s\r\nConnection: close\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:666:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nConnection: keep-alive\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:870:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szAuthorization, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=%s, response=\"%s\", qop=%s, nc=00000001, cnonce=\"%s\", opaque=\"%s\"",
data/medusa-2.2/src/modsrc/http.c:873:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szAuthorization, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=%s, response=\"%s\", qop=%s, nc=00000001, cnonce=\"%s\"",
data/medusa-2.2/src/modsrc/http.c:876:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szAuthorization, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=%s, response=\"%s\", opaque=\"%s\"",
data/medusa-2.2/src/modsrc/http.c:879:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szAuthorization, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=%s, response=\"%s\"",
data/medusa-2.2/src/modsrc/http.c:896:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nAuthorization: %s\r\nConnection: keep-alive\r\n%s\r\n", 
data/medusa-2.2/src/modsrc/http.c:1003:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf((*login)->pErrorMsg, "Unexpected return code: %s", pTemp);
data/medusa-2.2/src/modsrc/http.c:1026:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, OPENSSL_WARNING);
data/medusa-2.2/src/modsrc/imap.c:98:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/imap.c:395:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s CAPABILITY\r\n", _psSessionData->szTag);
data/medusa-2.2/src/modsrc/imap.c:421:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char*)bufSend, "%s STARTTLS\r\n", _psSessionData->szTag);
data/medusa-2.2/src/modsrc/imap.c:453:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf((char*)bufSend, "%s CAPABILITY\r\n", _psSessionData->szTag);
data/medusa-2.2/src/modsrc/imap.c:516:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char*)bufSend, "%s LOGIN \"%s\\\\%s\" \"%s\"\r\n", _psSessionData->szTag, _psSessionData->szDomain, szLogin, szPassword);
data/medusa-2.2/src/modsrc/imap.c:521:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char*)bufSend, "%s LOGIN \"%s\" \"%s\"\r\n", _psSessionData->szTag, szLogin, szPassword);
data/medusa-2.2/src/modsrc/imap.c:548:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s AUTHENTICATE PLAIN\r\n", _psSessionData->szTag);
data/medusa-2.2/src/modsrc/imap.c:584:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s\r\n", szEncodedAuth);
data/medusa-2.2/src/modsrc/imap.c:621:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s AUTHENTICATE NTLM\r\n", _psSessionData->szTag);
data/medusa-2.2/src/modsrc/imap.c:651:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/imap.c:692:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/mssql.c:99:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/mssql.c:550:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, OPENSSL_WARNING);
data/medusa-2.2/src/modsrc/mysql.c:95:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/ncp.c:88:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/ncp.c:439:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, LIBNCP_WARNING);
data/medusa-2.2/src/modsrc/nntp.c:85:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/ntlm.c:825:30:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DEBUG(level, s) do { printf s; } while (0)
data/medusa-2.2/src/modsrc/pcanywhere.c:102:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/pop3.c:93:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/pop3.c:555:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "AUTH PLAIN %s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/pop3.c:721:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/pop3.c:761:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char*)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/postgres.c:84:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/postgres.c:278:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(szConnectionString, "host = '%s' dbname = '%s' user = '%s' password = '%s' ", (*psLogin)->psServer->pHostIP, _psSessionData->szDB, szLogin, szPassword);
data/medusa-2.2/src/modsrc/postgres.c:312:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, LIBPQ_WARNING);
data/medusa-2.2/src/modsrc/rdp.c:103:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/rexec.c:76:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/rlogin.c:75:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/rlogin.c:260:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf((char *)bufSend,"%s\r",szPassword);
data/medusa-2.2/src/modsrc/rsh.c:76:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/smbnt.c:197:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/smbnt.c:1957:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, OPENSSL_WARNING);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:99:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:388:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)bufSend, "HELO %s\r\n", _psSessionData->szHELO);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:390:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)bufSend, "EHLO %s\r\n", _psSessionData->szHELO);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:449:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf((char *)bufSend, "HELO %s\r\n", _psSessionData->szHELO);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:482:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "MAIL FROM: <%s>\r\n", _psSessionData->szMAILFROM);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:534:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)bufSend, "%s %.250s@%.250s\r\n", szVerb, szAccount, szDomain);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:538:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)bufSend, "%s %.250s\r\n", szVerb, szAccount);
data/medusa-2.2/src/modsrc/smtp.c:95:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/smtp.c:364:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "EHLO %s\r\n", _psSessionData->szEHLO);
data/medusa-2.2/src/modsrc/smtp.c:423:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf((char *)bufSend, "EHLO %s\r\n", _psSessionData->szEHLO);
data/medusa-2.2/src/modsrc/smtp.c:541:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/smtp.c:621:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)szLoginDomain, "%s\\%s", _psSessionData->szDomain, szLogin); 
data/medusa-2.2/src/modsrc/smtp.c:714:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "AUTH NTLM %s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/smtp.c:755:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "%s\r\n", szTmpBuf64);
data/medusa-2.2/src/modsrc/snmp.c:97:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/ssh.c:96:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/ssh.c:550:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, LIBSSH2_WARNING);
data/medusa-2.2/src/modsrc/svn.c:90:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/svn.c:206:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(_psSessionData->szURL, "svn://%s:%d/%s", psLogin->psServer->pHostIP, params.nPort, _psSessionData->szBranch);
data/medusa-2.2/src/modsrc/svn.c:413:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, LIBSVN_WARNING);
data/medusa-2.2/src/modsrc/telnet.c:113:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/telnet.c:442:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)bufSend, "%s\r", szLogin);
data/medusa-2.2/src/modsrc/telnet.c:520:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "%s\r", szPassword);
data/medusa-2.2/src/modsrc/telnet.c:664:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "%s\t%s\r", szUser, szPass);
data/medusa-2.2/src/modsrc/telnet.c:687:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szErrorMsg, "CPF1120 - User %s does not exist.", szUser); 
data/medusa-2.2/src/modsrc/telnet.c:730:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szErrorMsg, "CPF1394 - User profile %s cannot sign on.", szUser); 
data/medusa-2.2/src/modsrc/telnet.c:740:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szErrorMsg, "CPF1118 - No password associated with user %s.", szUser); 
data/medusa-2.2/src/modsrc/vmauthd.c:77:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/vmauthd.c:264:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "USER %s\r\n", szLogin);
data/medusa-2.2/src/modsrc/vmauthd.c:286:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *)bufSend, "PASS %s\r\n", szPassword);
data/medusa-2.2/src/modsrc/vnc.c:103:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/vnc.c:1018:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, OPENSSL_WARNING);
data/medusa-2.2/src/modsrc/web-form.c:96:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/web-form.c:321:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
          sprintf(_psSessionData->szHostHeader, "%s:%d", _psLogin->psServer->psHost->pHost, params.nPort);
data/medusa-2.2/src/modsrc/web-form.c:626:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT_WARN, MODULE_SUMMARY_USAGE, MODULE_VERSION, OPENSSL_WARNING);
data/medusa-2.2/src/modsrc/wrapper.c:92:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(*ppszSummary, iLength, MODULE_SUMMARY_FORMAT, MODULE_SUMMARY_USAGE, MODULE_VERSION);
data/medusa-2.2/src/modsrc/wrapper.c:467:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if (system(_psSessionData->szCmdFull) < 0)
data/medusa-2.2/src/modsrc/wrapper.c:514:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(bufSend, "%s\n", szPassword);
data/medusa-2.2/src/uthash.h:217:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0)
data/medusa-2.2/src/medusa.c:138:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((opt = getopt(argc, argv, "h:H:u:U:p:P:C:O:e:M:m:g:r:R:c:t:T:n:bqdsLfFVv:w:Z:")) != EOF)
data/medusa-2.2/src/medusa.c:2004:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  szModulePaths[0] = getenv("MEDUSA_MODULE_PATH");
data/medusa-2.2/src/medusa-net.c:108:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char out[16];
data/medusa-2.2/src/medusa-net.c:156:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&target.sin_addr.s_addr, &nProxyStringIP, sizeof(unsigned long));
data/medusa-2.2/src/medusa-net.c:161:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&target.sin_addr.s_addr, &nHost, sizeof(unsigned long));
data/medusa-2.2/src/medusa-net.c:285:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&target.sin_addr.s_addr, &nHost, sizeof(unsigned long));
data/medusa-2.2/src/medusa-net.c:556:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(szBufReceive + nBufReceive, szBufReceiveTmp, nBufReceiveTmp);
data/medusa-2.2/src/medusa-net.c:801:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char errmsg[512];
data/medusa-2.2/src/medusa-net.c:846:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*szBufReceive + *nBufReceive, szBufReceiveTmp, nBufReceiveTmp);
data/medusa-2.2/src/medusa-net.c:874:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char debugbuf[size + 1];
data/medusa-2.2/src/medusa-trace.c:37:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[512];
data/medusa-2.2/src/medusa-trace.c:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char bufOut[2049]; // 1 character is represented by 4 -- [01]
data/medusa-2.2/src/medusa-trace.c:39:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char temp[6];
data/medusa-2.2/src/medusa-trace.c:63:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(temp, "[%02X]", cTemp);        
data/medusa-2.2/src/medusa-trace.c:66:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(temp, "%c", cTemp);
data/medusa-2.2/src/medusa-trace.c:128:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[4096];
data/medusa-2.2/src/medusa-trace.c:129:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char bufOut[16384];
data/medusa-2.2/src/medusa-trace.c:130:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char temp[6];
data/medusa-2.2/src/medusa-utils.c:40:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char tbl[64] = {
data/medusa-2.2/src/medusa-utils.c:196:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char f[3];
data/medusa-2.2/src/medusa.c:273:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iLoginCnt = atoi(optarg);
data/medusa-2.2/src/medusa.c:276:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iServerCnt = atoi(optarg);
data/medusa-2.2/src/medusa.c:279:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iPortOverride = atoi(optarg);
data/medusa-2.2/src/medusa.c:282:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      iVerboseLevel = atoi(optarg);
data/medusa-2.2/src/medusa.c:285:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      iErrorLevel = atoi(optarg);
data/medusa-2.2/src/medusa.c:314:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iTimeout = atoi(optarg);
data/medusa-2.2/src/medusa.c:317:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iRetryWait = atoi(optarg);
data/medusa-2.2/src/medusa.c:320:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iRetries = atoi(optarg);
data/medusa-2.2/src/medusa.c:323:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _psAudit->iSocketWait = atoi(optarg);
data/medusa-2.2/src/medusa.c:472:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[MAX_BUF];
data/medusa-2.2/src/medusa.c:477:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((pfFile = fopen(pFile, "r")) == NULL)
data/medusa-2.2/src/medusa.c:522:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(ptr, tmp, strlen(tmp) + 1);
data/medusa-2.2/src/medusa.c:1700:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szTmp[11];
data/medusa-2.2/src/medusa.c:1701:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szTmp1[11];
data/medusa-2.2/src/medusa.c:1702:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szTmp2[11];
data/medusa-2.2/src/medusa.c:1866:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szTmp[10+1]; // we can only resume h + 7 + . + \0, so 7 digits... 9,999,999 (should be enough) hosts
data/medusa-2.2/src/medusa.c:1990:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char time_buf[256];
data/medusa-2.2/src/medusa.c:2082:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((pOutputFile = fopen(psAudit->pOptOutput, "a+")) == NULL)
data/medusa-2.2/src/modsrc/afp.c:314:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&tmpurl.servername, (*psLogin)->psServer->pHostIP, AFP_SERVER_NAME_LEN); 
data/medusa-2.2/src/modsrc/afp.c:315:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&tmpurl.username, szLogin, AFP_MAX_USERNAME_LEN);
data/medusa-2.2/src/modsrc/afp.c:316:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&tmpurl.password, szPassword, AFP_MAX_PASSWORD_LEN);
data/medusa-2.2/src/modsrc/cvs.c:194:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szDir, "/root");
data/medusa-2.2/src/modsrc/d3des.c:67:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char pc1[56] = {
data/medusa-2.2/src/modsrc/d3des.c:74:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char totrot[16] = {
data/medusa-2.2/src/modsrc/d3des.c:78:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char pc2[48] = {
data/medusa-2.2/src/modsrc/d3des.c:91:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char pc1m[56], pcr[56];
data/medusa-2.2/src/modsrc/ftp.c:374:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/ftp.c:381:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "AUTH TLS\r\n");
data/medusa-2.2/src/modsrc/ftp.c:419:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/ftp.c:425:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "USER %.250s\r\n", szLogin);
data/medusa-2.2/src/modsrc/ftp.c:463:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char*)bufSend, "USER %.250s\r\n", szLogin);
data/medusa-2.2/src/modsrc/ftp.c:505:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "PASS %.250s\r\n", szPassword);
data/medusa-2.2/src/modsrc/hmacmd5.c:40:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char tk[16];
data/medusa-2.2/src/modsrc/hmacmd5.c:57:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ctx->k_ipad, key, key_len);
data/medusa-2.2/src/modsrc/hmacmd5.c:58:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ctx->k_opad, key, key_len);
data/medusa-2.2/src/modsrc/hmacmd5.c:87:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ctx->k_ipad, key, key_len);
data/medusa-2.2/src/modsrc/hmacmd5.c:88:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ctx->k_opad, key, key_len);
data/medusa-2.2/src/modsrc/hmacmd5.c:130:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void hmac_md5( unsigned char key[16], unsigned char *data, int data_len, unsigned char *digest)
data/medusa-2.2/src/modsrc/hmacmd5.h:26:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char k_ipad[65];    
data/medusa-2.2/src/modsrc/hmacmd5.h:27:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char k_opad[65];
data/medusa-2.2/src/modsrc/http-digest.h:9:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef unsigned char HASH[HASHLEN];
data/medusa-2.2/src/modsrc/http-digest.h:11:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef unsigned char HASHHEX[HASHHEXLEN+1];
data/medusa-2.2/src/modsrc/http.c:307:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szUserAgent, "Mozilla/1.22 (compatible; MSIE 10.0; Windows 3.1)");
data/medusa-2.2/src/modsrc/http.c:633:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char  szNonceCount[9] = "00000001";
data/medusa-2.2/src/modsrc/http.c:723:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(szAlg, "MD5-sess"); 
data/medusa-2.2/src/modsrc/http.c:730:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(szAlg, "MD5"); 
data/medusa-2.2/src/modsrc/http.c:742:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(szAlg, "MD5"); 
data/medusa-2.2/src/modsrc/http.c:917:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szStatusCode[4];
data/medusa-2.2/src/modsrc/http.c:966:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  switch (atoi(szStatusCode))
data/medusa-2.2/src/modsrc/imap.c:259:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szTag, "gerg");
data/medusa-2.2/src/modsrc/imap.c:571:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(szTmp, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/imap.c:572:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(szTmp + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/imap.c:573:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(szTmp + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword)); 
data/medusa-2.2/src/modsrc/mssql.c:351:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          nPortTmp = atoi(szTmp2);
data/medusa-2.2/src/modsrc/mssql.c:456:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ms_login[MSLEN + 1];
data/medusa-2.2/src/modsrc/mssql.c:457:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ms_pass[MSLEN + 1];
data/medusa-2.2/src/modsrc/mssql.c:469:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer, pkt_hdr, 39);
data/medusa-2.2/src/modsrc/mssql.c:470:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + 39, ms_login, MSLEN);
data/medusa-2.2/src/modsrc/mssql.c:471:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 39, &len_login, 1);
data/medusa-2.2/src/modsrc/mssql.c:472:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39, ms_pass, MSLEN);
data/medusa-2.2/src/modsrc/mssql.c:473:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39 + MSLEN, &len_pass, 1);
data/medusa-2.2/src/modsrc/mssql.c:474:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1, pkt_pt2, 110);
data/medusa-2.2/src/modsrc/mssql.c:475:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110, &len_pass, 1);
data/medusa-2.2/src/modsrc/mssql.c:476:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110 + 1, ms_pass, MSLEN);
data/medusa-2.2/src/modsrc/mssql.c:477:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110 + 1 + MSLEN, pkt_pt3, 270);
data/medusa-2.2/src/modsrc/mssql.c:485:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[3 * MSLEN + 422 + 1];
data/medusa-2.2/src/modsrc/mysql.c:285:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char com_quit_packet[5] = { 0x01, 0x00, 0x00, 0x00, 0x01 };
data/medusa-2.2/src/modsrc/mysql.c:649:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*szSessionSalt, bufReceive + strlen(szServerVersion) + 10, 9);
data/medusa-2.2/src/modsrc/mysql.c:650:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*szSessionSalt+8 , bufReceive + strlen(szServerVersion) + 37 , 12); 
data/medusa-2.2/src/modsrc/mysql.c:668:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*szSessionSalt, bufReceive + strlen(szServerVersion) + 10, 9);
data/medusa-2.2/src/modsrc/ncp.c:301:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ErrorCode[12];
data/medusa-2.2/src/modsrc/ncp.c:376:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(_psSessionData->spec.password, szPassword, l);
data/medusa-2.2/src/modsrc/ncp.c:412:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ErrorCode, "0x%8.8X:", NCPErrorCode);
data/medusa-2.2/src/modsrc/nntp.c:233:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/nntp.c:236:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "QUIT\r\n");
data/medusa-2.2/src/modsrc/nntp.c:250:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/nntp.c:283:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "HELP\r\n");
data/medusa-2.2/src/modsrc/nntp.c:320:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/nntp.c:326:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "AUTHINFO USER %.250s\r\n", szLogin);
data/medusa-2.2/src/modsrc/nntp.c:356:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char*)bufSend, "AUTHINFO PASS \"\"\r\n");
data/medusa-2.2/src/modsrc/nntp.c:358:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char*)bufSend, "AUTHINFO PASS %.250s\r\n", szPassword);
data/medusa-2.2/src/modsrc/ntlm.c:164:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
data/medusa-2.2/src/modsrc/ntlm.c:391:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[128];
data/medusa-2.2/src/modsrc/ntlm.c:410:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, in, n);
data/medusa-2.2/src/modsrc/ntlm.c:550:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char out[64];
data/medusa-2.2/src/modsrc/ntlm.c:576:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pk1[56];
data/medusa-2.2/src/modsrc/ntlm.c:577:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char c[28];
data/medusa-2.2/src/modsrc/ntlm.c:578:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char d[28];
data/medusa-2.2/src/modsrc/ntlm.c:579:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cd[56];
data/medusa-2.2/src/modsrc/ntlm.c:580:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ki[16][48];
data/medusa-2.2/src/modsrc/ntlm.c:581:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pd1[64];
data/medusa-2.2/src/modsrc/ntlm.c:582:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char l[32], r[32];
data/medusa-2.2/src/modsrc/ntlm.c:583:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char rl[64];
data/medusa-2.2/src/modsrc/ntlm.c:611:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char er[48];
data/medusa-2.2/src/modsrc/ntlm.c:612:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char erk[48];
data/medusa-2.2/src/modsrc/ntlm.c:613:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b[8][6];
data/medusa-2.2/src/modsrc/ntlm.c:614:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cb[32];
data/medusa-2.2/src/modsrc/ntlm.c:615:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pcb[32];
data/medusa-2.2/src/modsrc/ntlm.c:616:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char r2[32];
data/medusa-2.2/src/modsrc/ntlm.c:676:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char outb[64];
data/medusa-2.2/src/modsrc/ntlm.c:677:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char inb[64];
data/medusa-2.2/src/modsrc/ntlm.c:678:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyb[64];
data/medusa-2.2/src/modsrc/ntlm.c:679:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key2[8];
data/medusa-2.2/src/modsrc/ntlm.c:703:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
data/medusa-2.2/src/modsrc/ntlm.c:729:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[8];
data/medusa-2.2/src/modsrc/ntlm.c:737:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[8];
data/medusa-2.2/src/modsrc/ntlm.c:738:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char key2[8];
data/medusa-2.2/src/modsrc/ntlm.c:747:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char key2[8];
data/medusa-2.2/src/modsrc/ntlm.c:756:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char s_box[256];
data/medusa-2.2/src/modsrc/ntlm.c:849:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src, len);
data/medusa-2.2/src/modsrc/ntlm.c:952:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16])
data/medusa-2.2/src/modsrc/ntlm.c:954:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char passwd[130];
data/medusa-2.2/src/modsrc/ntlm.c:994:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p21, passwd, 16);    
data/medusa-2.2/src/modsrc/ntlm.c:1004:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p21, passwd, 8);    
data/medusa-2.2/src/modsrc/ntlm.c:1069:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ptr->buffer+ptr->bufIndex, buf, count); \
data/medusa-2.2/src/modsrc/ntlm.c:1121:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[1024];
data/medusa-2.2/src/modsrc/ntlm.c:1137:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char buf[1024];
data/medusa-2.2/src/modsrc/ntlm.c:1154:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char buf[1024];
data/medusa-2.2/src/modsrc/ntlm.c:1158:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf,p,len);
data/medusa-2.2/src/modsrc/ntlm.c:1183:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(request->ident,"NTLMSSP\0\0\0",8);
data/medusa-2.2/src/modsrc/ntlm.c:1246:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sessionHash, sessionNonce, 8);
data/medusa-2.2/src/modsrc/ntlm.c:1248:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(lmRespData, clientNonce, 8);
data/medusa-2.2/src/modsrc/ntlm.c:1257:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(response->ident,"NTLMSSP\0\0\0",8);
data/medusa-2.2/src/modsrc/ntlm.h:59:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          ident[8];
data/medusa-2.2/src/modsrc/ntlm.h:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          ident[8];
data/medusa-2.2/src/modsrc/ntlm.h:83:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          ident[8];
data/medusa-2.2/src/modsrc/pcanywhere.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char domain[17];
data/medusa-2.2/src/modsrc/pcanywhere.c:313:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[MAX_BUF];
data/medusa-2.2/src/modsrc/pcanywhere.c:321:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char clogin[128]="";
data/medusa-2.2/src/modsrc/pcanywhere.c:322:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cpass[128]="";
data/medusa-2.2/src/modsrc/pop3.c:211:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/pop3.c:292:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf((char*)bufSend, "STLS\r\n");
data/medusa-2.2/src/modsrc/pop3.c:414:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "CAPA\r\n");
data/medusa-2.2/src/modsrc/pop3.c:467:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/pop3.c:478:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char*)bufSend, "USER %.100s@%.150s\r\n", szLogin, _psSessionData->szDomain);
data/medusa-2.2/src/modsrc/pop3.c:480:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char*)bufSend, "USER %.250s\r\n", szLogin);
data/medusa-2.2/src/modsrc/pop3.c:512:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "PASS %.250s\r\n", szPassword);
data/medusa-2.2/src/modsrc/pop3.c:589:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "AUTH LOGIN\r\n");
data/medusa-2.2/src/modsrc/pop3.c:692:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)bufSend, "AUTH NTLM\r\n");
data/medusa-2.2/src/modsrc/postgres.c:192:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szDB, "template1");
data/medusa-2.2/src/modsrc/rexec.c:220:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/rlogin.c:218:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/rsh.c:220:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/smbnt.c:148:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char challenge[8];
data/medusa-2.2/src/modsrc/smbnt.c:149:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char workgroup[16];
data/medusa-2.2/src/modsrc/smbnt.c:150:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char workgroup_other[16];
data/medusa-2.2/src/modsrc/smbnt.c:151:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char machine_name[16];
data/medusa-2.2/src/modsrc/smbnt.c:616:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char password[14 + 1];
data/medusa-2.2/src/modsrc/smbnt.c:617:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char lm_hash[21];
data/medusa-2.2/src/modsrc/smbnt.c:618:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char lm_response[24];
data/medusa-2.2/src/modsrc/smbnt.c:711:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*lmhash, lm_response, 24);
data/medusa-2.2/src/modsrc/smbnt.c:723:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hash[16];                       /* MD4_SIGNATURE_SIZE = 16 */
data/medusa-2.2/src/modsrc/smbnt.c:724:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char unicodePassword[256 * 2];       /* MAX_NT_PASSWORD = 256 */
data/medusa-2.2/src/modsrc/smbnt.c:730:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char NO_PASSWORD[1] = "";
data/medusa-2.2/src/modsrc/smbnt.c:813:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ntlmhash, hash, 16);
data/medusa-2.2/src/modsrc/smbnt.c:829:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hash[16];                       /* MD4_SIGNATURE_SIZE = 16 */
data/medusa-2.2/src/modsrc/smbnt.c:830:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char p21[21];
data/medusa-2.2/src/modsrc/smbnt.c:831:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ntlm_response[24];
data/medusa-2.2/src/modsrc/smbnt.c:838:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p21, hash, 16);
data/medusa-2.2/src/modsrc/smbnt.c:844:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*ntlmhash, ntlm_response, 24);
data/medusa-2.2/src/modsrc/smbnt.c:865:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ntlm_hash[16];
data/medusa-2.2/src/modsrc/smbnt.c:866:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char lmv2_response[24];
data/medusa-2.2/src/modsrc/smbnt.c:867:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char unicodeUsername[20 * 2];
data/medusa-2.2/src/modsrc/smbnt.c:868:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char unicodeTarget[256 * 2];
data/medusa-2.2/src/modsrc/smbnt.c:870:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char kr_buf[16];
data/medusa-2.2/src/modsrc/smbnt.c:873:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char client_challenge[8] = { 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 };
data/medusa-2.2/src/modsrc/smbnt.c:934:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*LMv2hash, lmv2_response, 16);
data/medusa-2.2/src/modsrc/smbnt.c:935:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*LMv2hash + 16, client_challenge, 8);
data/medusa-2.2/src/modsrc/smbnt.c:964:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ntlm_hash[16];
data/medusa-2.2/src/modsrc/smbnt.c:965:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ntlmv2_response[56 + 20 * 2 + 256 * 2];
data/medusa-2.2/src/modsrc/smbnt.c:966:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char unicodeUsername[20 * 2];
data/medusa-2.2/src/modsrc/smbnt.c:967:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char unicodeTarget[256 * 2];
data/medusa-2.2/src/modsrc/smbnt.c:969:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char kr_buf[16];
data/medusa-2.2/src/modsrc/smbnt.c:972:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char client_challenge[8] = { 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 };
data/medusa-2.2/src/modsrc/smbnt.c:1075:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ntlmv2_response + 32, client_challenge, 8); /* Client Nonce */
data/medusa-2.2/src/modsrc/smbnt.c:1115:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*NTLMv2hash, ntlmv2_response, *iByteCount);
data/medusa-2.2/src/modsrc/smbnt.c:1128:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nb_name[32];             /* netbiosname */
data/medusa-2.2/src/modsrc/smbnt.c:1129:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nb_local[32];            /* netbios localredirector */
data/medusa-2.2/src/modsrc/smbnt.c:1130:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rqbuf[7] = { 0x81, 0x00, 0x00, 0x48, 0x20, 0x00, 0x20 };
data/medusa-2.2/src/modsrc/smbnt.c:1146:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nb_name, "CKFDENECFDEFFCFGEFFCCACACACACACA", 32);      /* *SMBSERVER */
data/medusa-2.2/src/modsrc/smbnt.c:1159:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nb_local, "ENEFEEFFFDEBCACACACACACACACACACA", 32);     /* MEDUSA */
data/medusa-2.2/src/modsrc/smbnt.c:1163:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, (char *) rqbuf, 5);
data/medusa-2.2/src/modsrc/smbnt.c:1164:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + 5, nb_name, 32);
data/medusa-2.2/src/modsrc/smbnt.c:1165:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + 37, (char *) rqbuf + 5, 2);
data/medusa-2.2/src/modsrc/smbnt.c:1166:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + 39, nb_local, 32);
data/medusa-2.2/src/modsrc/smbnt.c:1167:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + 71, (char *) rqbuf + 5, 1);
data/medusa-2.2/src/modsrc/smbnt.c:1196:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nb_name[16];
data/medusa-2.2/src/modsrc/smbnt.c:1198:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char nbstat[50] = {
data/medusa-2.2/src/modsrc/smbnt.c:1253:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nb_name, bufReceive + iResponseOffset, 16);
data/medusa-2.2/src/modsrc/smbnt.c:1304:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[168] = {
data/medusa-2.2/src/modsrc/smbnt.c:1428:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[512];
data/medusa-2.2/src/modsrc/smbnt.c:1438:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char szPath[256];
data/medusa-2.2/src/modsrc/smbnt.c:1442:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy((char *) _psSessionData->workgroup, "localhost");
data/medusa-2.2/src/modsrc/smbnt.c:1450:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char szNBSS[4] = {
data/medusa-2.2/src/modsrc/smbnt.c:1456:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char szSMB[32] = {
data/medusa-2.2/src/modsrc/smbnt.c:1472:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, szNBSS, 4);
data/medusa-2.2/src/modsrc/smbnt.c:1473:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf +4, szSMB, 32);
data/medusa-2.2/src/modsrc/smbnt.c:1482:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char szSessionRequest[23] = {
data/medusa-2.2/src/modsrc/smbnt.c:1500:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + 36, szSessionRequest, 23);
data/medusa-2.2/src/modsrc/smbnt.c:1510:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + iOffset, LMhash, 24);
data/medusa-2.2/src/modsrc/smbnt.c:1518:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char szSessionRequest[29] = {
data/medusa-2.2/src/modsrc/smbnt.c:1538:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + 36, szSessionRequest, 29);
data/medusa-2.2/src/modsrc/smbnt.c:1549:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + iOffset + 24, NTLMhash, 24); /* Skip space for LM hash */
data/medusa-2.2/src/modsrc/smbnt.c:1556:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char szSessionRequest[29] = {
data/medusa-2.2/src/modsrc/smbnt.c:1576:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + 36, szSessionRequest, 29);
data/medusa-2.2/src/modsrc/smbnt.c:1583:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + iOffset, LMv2hash, 24);
data/medusa-2.2/src/modsrc/smbnt.c:1590:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char szSessionRequest[29] = {
data/medusa-2.2/src/modsrc/smbnt.c:1609:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + 36, szSessionRequest, 29);
data/medusa-2.2/src/modsrc/smbnt.c:1616:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + iOffset, LMv2hash, 24);
data/medusa-2.2/src/modsrc/smbnt.c:1628:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf + iOffset + 24, NTLMv2hash, iByteCount);
data/medusa-2.2/src/modsrc/smbnt.c:1638:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char szSessionRequest[23] = {
data/medusa-2.2/src/modsrc/smbnt.c:1655:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + 36, szSessionRequest, 23);
data/medusa-2.2/src/modsrc/smbnt.c:1684:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + iOffset + iByteCount, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:1686:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + iOffset + iByteCount, _psSessionData->workgroup, strlen((char *) _psSessionData->workgroup));
data/medusa-2.2/src/modsrc/smbnt.c:1690:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)buf + iOffset + iByteCount, "Unix"); 
data/medusa-2.2/src/modsrc/smbnt.c:1692:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)buf + iOffset + iByteCount, "Samba"); 
data/medusa-2.2/src/modsrc/smbnt.c:1706:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char szTreeConnectRequest[9] = {
data/medusa-2.2/src/modsrc/smbnt.c:1715:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + iOffset, szTreeConnectRequest, 9);
data/medusa-2.2/src/modsrc/smbnt.c:1734:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + iOffset, szPath, strlen((char *)szPath));
data/medusa-2.2/src/modsrc/smbnt.c:1738:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char szService[6] = { 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x00 };
data/medusa-2.2/src/modsrc/smbnt.c:1739:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf + iOffset, szService, 6);
data/medusa-2.2/src/modsrc/smbnt.c:1771:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ErrorCode[10];
data/medusa-2.2/src/modsrc/smbnt.c:1860:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf((*psLogin)->pErrorMsg, "Non-existant account. Anonymous success.");
data/medusa-2.2/src/modsrc/smbnt.c:1867:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf((*psLogin)->pErrorMsg, "ADMIN$ - Access Allowed");
data/medusa-2.2/src/modsrc/smbnt.c:1892:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ErrorCode, "0x%6.6X:", SMBerr);
data/medusa-2.2/src/modsrc/smbnt.c:1902:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf((*psLogin)->pErrorMsg, "ADMIN$ - Access Denied");
data/medusa-2.2/src/modsrc/smbnt.c:1909:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf((*psLogin)->pErrorMsg, "ADMIN$ - Share Unavailable");
data/medusa-2.2/src/modsrc/smbnt.c:1923:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ErrorCode, "0x%6.6X:", SMBerr);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:256:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szHELO, "server.domain");
data/medusa-2.2/src/modsrc/smtp-vrfy.c:264:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szMAILFROM, "doesnotexist@foofus.net");
data/medusa-2.2/src/modsrc/smtp-vrfy.c:417:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char *)bufSend, "STARTTLS\r\n");
data/medusa-2.2/src/modsrc/smtp-vrfy.c:510:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUF_SIZE];
data/medusa-2.2/src/modsrc/smtp-vrfy.c:511:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szVerb[9];
data/medusa-2.2/src/modsrc/smtp.c:248:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_psSessionData->szEHLO, "gerg");
data/medusa-2.2/src/modsrc/smtp.c:391:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf((char *)bufSend, "STARTTLS\r\n");
data/medusa-2.2/src/modsrc/smtp.c:508:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)bufSend, "AUTH PLAIN\r\n");
data/medusa-2.2/src/modsrc/smtp.c:578:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)bufSend, "AUTH LOGIN\r\n");
data/medusa-2.2/src/modsrc/snmp.c:178:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          psSessionData->nReadTimeout = atoi(pOpt) * 1000000;
data/medusa-2.2/src/modsrc/snmp.c:188:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          psSessionData->nSendDelay = atoi(pOpt);
data/medusa-2.2/src/modsrc/snmp.c:515:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(*szPassword, bufReceive + i + 2, bufReceive[i+1]);
data/medusa-2.2/src/modsrc/snmp.c:536:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy(*szLocation, bufReceive + i + 6 + 14 + 2, bufReceive[i + 6 + 14 + 1]);
data/medusa-2.2/src/modsrc/snmp.c:562:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ver[3];
data/medusa-2.2/src/modsrc/snmp.c:574:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[2];
data/medusa-2.2/src/modsrc/snmp.c:575:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char identid[2];
data/medusa-2.2/src/modsrc/snmp.c:576:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ident[4];
data/medusa-2.2/src/modsrc/snmp.c:577:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errstat[3];
data/medusa-2.2/src/modsrc/snmp.c:578:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errind[3];
data/medusa-2.2/src/modsrc/snmp.c:579:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objectid[2];
data/medusa-2.2/src/modsrc/snmp.c:580:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char object[12];
data/medusa-2.2/src/modsrc/snmp.c:581:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[3];
data/medusa-2.2/src/modsrc/snmp.c:603:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend, &snmpv1_a, sizeof(snmpv1_a));
data/medusa-2.2/src/modsrc/snmp.c:604:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + sizeof(snmpv1_a), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/snmp.c:605:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + sizeof(snmpv1_a) + strlen(szPassword), &snmpv1_r, sizeof(snmpv1_r));
data/medusa-2.2/src/modsrc/snmp.c:627:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ver[3];
data/medusa-2.2/src/modsrc/snmp.c:639:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[2];
data/medusa-2.2/src/modsrc/snmp.c:640:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char identid[2];
data/medusa-2.2/src/modsrc/snmp.c:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ident[4];
data/medusa-2.2/src/modsrc/snmp.c:642:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errstat[3];
data/medusa-2.2/src/modsrc/snmp.c:643:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errind[3];
data/medusa-2.2/src/modsrc/snmp.c:644:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objectid[2];
data/medusa-2.2/src/modsrc/snmp.c:645:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char object[12];
data/medusa-2.2/src/modsrc/snmp.c:646:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[2];
data/medusa-2.2/src/modsrc/snmp.c:670:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend, &snmpv1_a, sizeof(snmpv1_a));
data/medusa-2.2/src/modsrc/snmp.c:671:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + sizeof(snmpv1_a), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/snmp.c:672:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + sizeof(snmpv1_a) + strlen(szPassword), &snmpv1_w, sizeof(snmpv1_w));
data/medusa-2.2/src/modsrc/ssh.c:259:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(_psSessionData->szBannerMsg, "SSH-2.0-MEDUSA_1.0");
data/medusa-2.2/src/modsrc/telnet.c:306:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              if (strcasestr((char *)bufReceive, KNOWN_LOGIN_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:318:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              if (strcasestr((char *)bufReceive, KNOWN_PWD_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:424:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUFFER_SIZE];
data/medusa-2.2/src/modsrc/telnet.c:482:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (strcasestr((char *)bufReceive, KNOWN_PWD_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:494:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          if (strcasestr((char *)bufReceive, KNOWN_LOGIN_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:582:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          if (strcasestr((char *)bufReceive, KNOWN_LOGIN_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:597:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          if (strcasestr((char *)bufReceive, KNOWN_PWD_PROMPTS[i]) != '\0')
data/medusa-2.2/src/modsrc/telnet.c:621:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bufSend[BUFFER_SIZE];
data/medusa-2.2/src/modsrc/telnet.c:625:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szUser[10 + 1];
data/medusa-2.2/src/modsrc/telnet.c:626:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szPass[128 + 1];
data/medusa-2.2/src/modsrc/telnet.c:627:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szErrorMsg[100];
data/medusa-2.2/src/modsrc/telnet.c:697:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szErrorMsg, "CPF1116 - Next not valid sign-on attempt varies off device."); 
data/medusa-2.2/src/modsrc/telnet.c:707:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szErrorMsg, "CPF1392 - Next not valid sign-on disables user profile."); 
data/medusa-2.2/src/modsrc/telnet.c:750:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szErrorMsg, "CPF1109 - Not authorized to subsystem."); 
data/medusa-2.2/src/modsrc/telnet.c:760:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szErrorMsg, "CPF1110 - Not authorized to work station."); 
data/medusa-2.2/src/modsrc/vnc.c:171:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          psSessionData->nMaxAuthSleep = atoi(pOpt);        
data/medusa-2.2/src/modsrc/vnc.c:369:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key[8];
data/medusa-2.2/src/modsrc/vnc.c:388:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key[8];
data/medusa-2.2/src/modsrc/vnc.c:443:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ProtocolVersion[13];
data/medusa-2.2/src/modsrc/vnc.c:478:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ProtocolVersion, "RFB 003.003\n", 12);
data/medusa-2.2/src/modsrc/vnc.c:483:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ProtocolVersion, "RFB 003.007\n", 12);
data/medusa-2.2/src/modsrc/vnc.c:488:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ProtocolVersion, "RFB 003.008\n", 12);
data/medusa-2.2/src/modsrc/vnc.c:494:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ProtocolVersion, "RFB 004.001\n", 12);
data/medusa-2.2/src/modsrc/vnc.c:500:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ProtocolVersion, "RFB 003.003\n", 12);
data/medusa-2.2/src/modsrc/vnc.c:562:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(_psSessionData->szChallenge, bufReceive + 4, 16);
data/medusa-2.2/src/modsrc/vnc.c:581:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(_psSessionData->szChallenge, bufReceive + 4, 24);
data/medusa-2.2/src/modsrc/vnc.c:635:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(szSecurityTypes, bufReceive + 1, nSecurityTypes);
data/medusa-2.2/src/modsrc/vnc.c:677:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(_psSessionData->szChallenge, bufReceive, 16);
data/medusa-2.2/src/modsrc/vnc.c:741:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(_psSessionData->szChallenge, bufReceive, 24);
data/medusa-2.2/src/modsrc/vnc.c:788:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char ms_user[256], ms_passwd[64];
data/medusa-2.2/src/modsrc/vnc.c:789:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key[8];
data/medusa-2.2/src/modsrc/vnc.c:794:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char client_pub[8];
data/medusa-2.2/src/modsrc/vnc.c:897:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend, client_pub, 8);
data/medusa-2.2/src/modsrc/vnc.c:898:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + 8, ms_user, sizeof(ms_user));
data/medusa-2.2/src/modsrc/vnc.c:899:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bufSend + 8 + sizeof(ms_user), ms_passwd, sizeof(ms_passwd));
data/medusa-2.2/src/modsrc/vnc.c:975:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf((*psLogin)->pErrorMsg, "User rejected connection request.");
data/medusa-2.2/src/modsrc/web-form.c:330:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(_psSessionData->szFormUser, "username=");
data/medusa-2.2/src/modsrc/web-form.c:334:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(_psSessionData->szFormPass, "password=");
data/medusa-2.2/src/modsrc/web-form.c:388:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(_psSessionData->szFormUser, "username=");
data/medusa-2.2/src/modsrc/web-form.c:392:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(_psSessionData->szFormPass, "password=");
data/medusa-2.2/src/modsrc/web-form.c:401:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(_psSessionData->szUserAgent, "I'm not Mozilla, I'm Ming Mong");
data/medusa-2.2/src/modsrc/web-form.c:407:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(_psSessionData->szDenySignal, "Login Incorrect");
data/medusa-2.2/src/modsrc/web-form.c:488:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(szRet+j,"%%%02x", (unsigned int)szStr[i]);
data/medusa-2.2/src/modsrc/wrapper.c:458:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ((fopen(_psSessionData->szCmd, "r")) == NULL)
data/medusa-2.2/src/modsrc/wrapper.c:506:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUFSIZ + 1];
data/medusa-2.2/src/listModules.c:76:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      iLength = strlen( pszDir ) + 1;
data/medusa-2.2/src/listModules.c:79:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy( pszTarget, pszDir, strlen(pszDir) );
data/medusa-2.2/src/listModules.c:79:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy( pszTarget, pszDir, strlen(pszDir) );
data/medusa-2.2/src/listModules.c:99:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        iLength = strlen( pdeEntry[j]->d_name );
data/medusa-2.2/src/listModules.c:103:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strcmp( (char*)(pdeEntry[j]->d_name + strlen( pdeEntry[j]->d_name ) - 4), MODULE_EXTENSION ) == 0)
data/medusa-2.2/src/listModules.c:106:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            iLength = strlen( pdeEntry[j]->d_name ) + strlen( pszTarget ) + 2;
data/medusa-2.2/src/listModules.c:106:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            iLength = strlen( pdeEntry[j]->d_name ) + strlen( pszTarget ) + 2;
data/medusa-2.2/src/listModules.c:109:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy( pszLibName, pszTarget, strlen(pszTarget) );
data/medusa-2.2/src/listModules.c:109:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy( pszLibName, pszTarget, strlen(pszTarget) );
data/medusa-2.2/src/listModules.c:110:13:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
            strncat( pszLibName, "/", 1 );
data/medusa-2.2/src/listModules.c:111:13:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
            strncat( pszLibName, pdeEntry[j]->d_name, strlen(pdeEntry[j]->d_name) );
data/medusa-2.2/src/listModules.c:111:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncat( pszLibName, pdeEntry[j]->d_name, strlen(pdeEntry[j]->d_name) );
data/medusa-2.2/src/medusa-net.c:294:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      send(s, buf, strlen(buf), 0);
data/medusa-2.2/src/medusa-net.c:297:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strncmp("HTTP/", buf, strlen("HTTP/")) == 0 && (tmpptr = index(buf, ' ')) != NULL && *++tmpptr == '2')
data/medusa-2.2/src/medusa-trace.c:68:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat(bufOut, temp, 6);
data/medusa-2.2/src/medusa-trace.c:155:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat(bufOut, temp, 6);
data/medusa-2.2/src/medusa-utils.c:180:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len1 = strlen (user) + 1 + strlen (passwd);
data/medusa-2.2/src/medusa-utils.c:180:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len1 = strlen (user) + 1 + strlen (passwd);
data/medusa-2.2/src/medusa-utils.c:199:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (l = strcspn(a, f); l != strlen(a); l += strcspn(a + l + 1, f) + 1)
data/medusa-2.2/src/medusa-utils.c:200:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strncasecmp(a + l, b, strlen(b)) == 0)
data/medusa-2.2/src/medusa-utils.c:218:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  chunks = ((strlen(fmt) + 1) / CHUNKSIZE) + 1;
data/medusa-2.2/src/medusa.c:150:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pGlobalHost = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:151:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pGlobalHost, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:152:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pGlobalHost, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:152:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pGlobalHost, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:164:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pOptHost = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:165:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pOptHost, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:166:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pOptHost, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:166:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pOptHost, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:178:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pGlobalUser = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:179:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pGlobalUser, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:180:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pGlobalUser, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:180:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pGlobalUser, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:193:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pOptUser = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:194:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pOptUser, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:195:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pOptUser, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:195:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pOptUser, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:207:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pGlobalPass = malloc( strlen(optarg) + 2 );
data/medusa-2.2/src/medusa.c:208:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pGlobalPass, 0, strlen(optarg) + 2);
data/medusa-2.2/src/medusa.c:209:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pGlobalPass, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:209:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pGlobalPass, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:222:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psAudit->pOptPass = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:223:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psAudit->pOptPass, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:224:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psAudit->pOptPass, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:224:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psAudit->pOptPass, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:229:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      _psAudit->pOptCombo = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:230:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(_psAudit->pOptCombo, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:231:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(_psAudit->pOptCombo, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:231:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(_psAudit->pOptCombo, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:234:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      _psAudit->pOptOutput = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:235:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(_psAudit->pOptOutput, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:236:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(_psAudit->pOptOutput, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:236:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(_psAudit->pOptOutput, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:291:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      szModuleName = malloc(strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:292:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(szModuleName, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:293:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(szModuleName, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:293:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(szModuleName, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:298:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      szTempModuleParam = malloc(strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:299:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(szTempModuleParam, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:300:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(szTempModuleParam, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:300:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(szTempModuleParam, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:326:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      _psAudit->pOptResume = malloc( strlen(optarg) + 1 );
data/medusa-2.2/src/medusa.c:327:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(_psAudit->pOptResume, 0, strlen(optarg) + 1);
data/medusa-2.2/src/medusa.c:328:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(_psAudit->pOptResume, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:328:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(_psAudit->pOptResume, optarg, strlen(optarg));
data/medusa-2.2/src/medusa.c:400:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nPathLength = strlen(szModulePaths[i]) + strlen(pModuleName) + strlen(MODULE_EXTENSION) + 2;  // Going to add a slash too
data/medusa-2.2/src/medusa.c:400:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nPathLength = strlen(szModulePaths[i]) + strlen(pModuleName) + strlen(MODULE_EXTENSION) + 2;  // Going to add a slash too
data/medusa-2.2/src/medusa.c:400:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nPathLength = strlen(szModulePaths[i]) + strlen(pModuleName) + strlen(MODULE_EXTENSION) + 2;  // Going to add a slash too
data/medusa-2.2/src/medusa.c:403:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(modPath, szModulePaths[i], strlen(szModulePaths[i]));
data/medusa-2.2/src/medusa.c:403:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(modPath, szModulePaths[i], strlen(szModulePaths[i]));
data/medusa-2.2/src/medusa.c:404:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
      strncat(modPath, "/", 1);
data/medusa-2.2/src/medusa.c:405:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat(modPath, pModuleName, strlen(pModuleName));
data/medusa-2.2/src/medusa.c:405:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncat(modPath, pModuleName, strlen(pModuleName));
data/medusa-2.2/src/medusa.c:406:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat(modPath, MODULE_EXTENSION, strlen(MODULE_EXTENSION));
data/medusa-2.2/src/medusa.c:406:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncat(modPath, MODULE_EXTENSION, strlen(MODULE_EXTENSION));
data/medusa-2.2/src/medusa.c:490:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          stFileSize += strlen(tmp) + 1;
data/medusa-2.2/src/medusa.c:520:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (tmp[strlen(tmp) - 1] == '\n') tmp[strlen(tmp) - 1] = '\0';
data/medusa-2.2/src/medusa.c:520:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (tmp[strlen(tmp) - 1] == '\n') tmp[strlen(tmp) - 1] = '\0';
data/medusa-2.2/src/medusa.c:521:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (tmp[strlen(tmp) - 1] == '\r') tmp[strlen(tmp) - 1] = '\0';
data/medusa-2.2/src/medusa.c:521:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (tmp[strlen(tmp) - 1] == '\r') tmp[strlen(tmp) - 1] = '\0';
data/medusa-2.2/src/medusa.c:522:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memcpy(ptr, tmp, strlen(tmp) + 1);
data/medusa-2.2/src/medusa.c:523:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          ptr += strlen(tmp) + 1;
data/medusa-2.2/src/medusa.c:965:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      psHost->pHost = malloc( strlen(pHost) + 1 );
data/medusa-2.2/src/medusa.c:966:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(psHost->pHost, 0, strlen(pHost) + 1);
data/medusa-2.2/src/medusa.c:967:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(psHost->pHost, pHost, strlen(pHost) + 1);
data/medusa-2.2/src/medusa.c:967:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(psHost->pHost, pHost, strlen(pHost) + 1);
data/medusa-2.2/src/medusa.c:1009:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        psUser->pUser = malloc( strlen(pUser) + 1 );
data/medusa-2.2/src/medusa.c:1010:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(psUser->pUser, 0, strlen(pUser) + 1);
data/medusa-2.2/src/medusa.c:1011:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(psUser->pUser, pUser, strlen(pUser));
data/medusa-2.2/src/medusa.c:1011:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(psUser->pUser, pUser, strlen(pUser));
data/medusa-2.2/src/medusa.c:1033:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        psPass->pPass = malloc( strlen(pPass) + 1 );
data/medusa-2.2/src/medusa.c:1034:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(psPass->pPass, 0, strlen(pPass) + 1);
data/medusa-2.2/src/medusa.c:1035:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(psPass->pPass, pPass, strlen(pPass));
data/medusa-2.2/src/medusa.c:1035:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(psPass->pPass, pPass, strlen(pPass));
data/medusa-2.2/src/medusa.c:1485:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  psCredSetMissed->pPass = malloc(strlen(_psCredSet->pPass) + 1);
data/medusa-2.2/src/medusa.c:1486:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(psCredSetMissed->pPass, 0, strlen(_psCredSet->pPass) + 1);
data/medusa-2.2/src/medusa.c:1487:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(psCredSetMissed->pPass, _psCredSet->pPass, strlen(_psCredSet->pPass));
data/medusa-2.2/src/medusa.c:1487:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(psCredSetMissed->pPass, _psCredSet->pPass, strlen(_psCredSet->pPass));
data/medusa-2.2/src/medusa.c:1757:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nUserMapSize = strlen(szResumeMap); /* single, or last, host resume */ 
data/medusa-2.2/src/medusa.c:1764:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(szUserMap, szResumeMap, nUserMapSize);
data/medusa-2.2/src/medusa.c:1927:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat(szResumeMap, szTmp, 10);
data/medusa-2.2/src/medusa.c:1940:11:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
          strncat(szResumeMap, szTmp, 10);
data/medusa-2.2/src/medusa.c:1952:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
        strncat(szResumeMap, szTmp, 10);
data/medusa-2.2/src/medusa.c:1969:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat(szResumeMap, szTmp, 8);
data/medusa-2.2/src/medusa.c:1973:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
  strncat(szResumeMap, ".", 1);
data/medusa-2.2/src/modsrc/afp.c:89:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/afp.c:89:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/afp.c:89:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/afp.c:126:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/afp.c:127:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/afp.c:128:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/afp.c:128:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/afp.c:259:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(url.uamname) > 0) 
data/medusa-2.2/src/modsrc/afp.c:346:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBAFP_WARNING) + 1;
data/medusa-2.2/src/modsrc/afp.c:346:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBAFP_WARNING) + 1;
data/medusa-2.2/src/modsrc/afp.c:346:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBAFP_WARNING) + 1;
data/medusa-2.2/src/modsrc/afp.c:346:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBAFP_WARNING) + 1;
data/medusa-2.2/src/modsrc/cvs.c:77:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/cvs.c:77:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/cvs.c:77:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/cvs.c:121:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/cvs.c:122:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/cvs.c:123:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/cvs.c:123:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/cvs.c:135:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDir = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/cvs.c:136:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDir, 0, (strlen(pOpt) + 1));
data/medusa-2.2/src/modsrc/cvs.c:137:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->szDir, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/cvs.c:137:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->szDir, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/cvs.c:307:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(szPassword) > 92)
data/medusa-2.2/src/modsrc/cvs.c:313:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szPassTmp = malloc(strlen(szPassword) + 1);
data/medusa-2.2/src/modsrc/cvs.c:314:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szPassTmp, 0, strlen(szPassword) + 1);
data/medusa-2.2/src/modsrc/cvs.c:315:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szPassTmp, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/cvs.c:315:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szPassTmp, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/cvs.c:317:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(szPassTmp); i++)
data/medusa-2.2/src/modsrc/cvs.c:320:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szDir) + strlen(szLogin) + strlen(szPassTmp) + 56;
data/medusa-2.2/src/modsrc/cvs.c:320:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szDir) + strlen(szLogin) + strlen(szPassTmp) + 56;
data/medusa-2.2/src/modsrc/cvs.c:320:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szDir) + strlen(szLogin) + strlen(szPassTmp) + 56;
data/medusa-2.2/src/modsrc/ftp.c:85:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ftp.c:85:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ftp.c:85:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ftp.c:150:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ftp.c:151:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ftp.c:152:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ftp.c:152:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ftp.c:382:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/ftp.c:427:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/ftp.c:465:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/ftp.c:507:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/http-digest.c:58:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszUserName, strlen(pszUserName));
data/medusa-2.2/src/modsrc/http-digest.c:60:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszRealm, strlen(pszRealm));
data/medusa-2.2/src/modsrc/http-digest.c:62:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszPassword, strlen(pszPassword));
data/medusa-2.2/src/modsrc/http-digest.c:67:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            MD5_Update(&Md5Ctx, SessionKey, strlen(SessionKey));
data/medusa-2.2/src/modsrc/http-digest.c:69:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            MD5_Update(&Md5Ctx, pszNonce, strlen(pszNonce));
data/medusa-2.2/src/modsrc/http-digest.c:71:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            MD5_Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
data/medusa-2.2/src/modsrc/http-digest.c:97:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszMethod, strlen(pszMethod));
data/medusa-2.2/src/modsrc/http-digest.c:99:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszDigestUri, strlen(pszDigestUri));
data/medusa-2.2/src/modsrc/http-digest.c:111:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      MD5_Update(&Md5Ctx, pszNonce, strlen(pszNonce));
data/medusa-2.2/src/modsrc/http-digest.c:115:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          MD5_Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
data/medusa-2.2/src/modsrc/http-digest.c:117:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          MD5_Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
data/medusa-2.2/src/modsrc/http-digest.c:119:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          MD5_Update(&Md5Ctx, pszQop, strlen(pszQop));
data/medusa-2.2/src/modsrc/http.c:96:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/http.c:96:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/http.c:96:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/http.c:149:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/http.c:150:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/http.c:151:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/http.c:151:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/http.c:163:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDir = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:164:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDir, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:165:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szDir, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:165:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szDir, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:177:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szUserAgent = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:178:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szUserAgent, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:179:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szUserAgent, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:179:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szUserAgent, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:192:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            psSessionData->szCustomHeader = malloc(strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/http.c:194:105:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            psSessionData->szCustomHeader = realloc(psSessionData->szCustomHeader, nCustomHeadersSize + strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/http.c:196:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szCustomHeader + nCustomHeadersSize, 0, strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/http.c:197:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szCustomHeader + nCustomHeadersSize, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/http.c:197:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szCustomHeader + nCustomHeadersSize, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/http.c:198:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
          strncpy(psSessionData->szCustomHeader + nCustomHeadersSize + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/http.c:198:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szCustomHeader + nCustomHeadersSize + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/http.c:199:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCustomHeadersSize = strlen(psSessionData->szCustomHeader);
data/medusa-2.2/src/modsrc/http.c:227:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:228:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/http.c:229:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/http.c:229:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/http.c:297:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nBufLength = strlen(_psLogin->psServer->psHost->pHost) + 1 + log(params.nPort) + 1;
data/medusa-2.2/src/modsrc/http.c:406:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:406:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:407:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 2 + strlen(_psSessionData->szCustomHeader) + 2; 
data/medusa-2.2/src/modsrc/http.c:407:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 2 + strlen(_psSessionData->szCustomHeader) + 2; 
data/medusa-2.2/src/modsrc/http.c:473:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szLoginDomain = malloc(strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/http.c:473:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szLoginDomain = malloc(strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/http.c:474:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szLoginDomain, 0, strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/http.c:474:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szLoginDomain, 0, strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/http.c:487:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:487:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:488:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 23 + strlen(szEncodedAuth) + 
data/medusa-2.2/src/modsrc/http.c:488:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 23 + strlen(szEncodedAuth) + 
data/medusa-2.2/src/modsrc/http.c:489:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    2 + strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:532:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:532:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:533:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 22 + strlen(szTmpBuf64) + 26 +
data/medusa-2.2/src/modsrc/http.c:533:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 22 + strlen(szTmpBuf64) + 26 +
data/medusa-2.2/src/modsrc/http.c:534:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:595:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:595:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:596:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 22 + strlen(szTmpBuf64) + 21 + 
data/medusa-2.2/src/modsrc/http.c:596:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 22 + strlen(szTmpBuf64) + 21 + 
data/medusa-2.2/src/modsrc/http.c:597:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:645:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szURI = malloc(strlen(_psSessionData->szDir) + 1);
data/medusa-2.2/src/modsrc/http.c:646:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szURI, 0, strlen(_psSessionData->szDir) + 1);
data/medusa-2.2/src/modsrc/http.c:647:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat(szURI, _psSessionData->szDir, strlen(_psSessionData->szDir));
data/medusa-2.2/src/modsrc/http.c:647:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncat(szURI, _psSessionData->szDir, strlen(_psSessionData->szDir));
data/medusa-2.2/src/modsrc/http.c:651:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szURI = malloc(1 + strlen(_psSessionData->szDir) + 1);
data/medusa-2.2/src/modsrc/http.c:652:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szURI, 0, 1 + strlen(_psSessionData->szDir) + 1);
data/medusa-2.2/src/modsrc/http.c:653:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
    strncat(szURI, "/", 1);
data/medusa-2.2/src/modsrc/http.c:654:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat(szURI, _psSessionData->szDir, strlen(_psSessionData->szDir));
data/medusa-2.2/src/modsrc/http.c:654:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncat(szURI, _psSessionData->szDir, strlen(_psSessionData->szDir));
data/medusa-2.2/src/modsrc/http.c:660:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:660:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:661:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 26 + strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:661:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 26 + strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:710:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szAuthenticate, szTmp, szTmp1 - szTmp);
data/medusa-2.2/src/modsrc/http.c:754:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szRealm, szTmp, szTmp1 - szTmp);
data/medusa-2.2/src/modsrc/http.c:773:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szNonce, szTmp, szTmp1 - szTmp);
data/medusa-2.2/src/modsrc/http.c:792:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szQop, szTmp, szTmp1 - szTmp);
data/medusa-2.2/src/modsrc/http.c:810:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szOpaque, szTmp, szTmp1 - szTmp);
data/medusa-2.2/src/modsrc/http.c:847:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:847:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:847:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:847:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:847:115:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:847:136:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 17 + strlen(szLogin) + 10 + strlen(szRealm) + 10 + strlen(szNonce) + 8 + strlen(szURI) + 14 + strlen(szAlg) + 13 + strlen((char*)Response);
data/medusa-2.2/src/modsrc/http.c:857:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize += 7 + strlen(szQop) + 5 + strlen(szNonceCount) + 10 + strlen(szCNonce) + 1;
data/medusa-2.2/src/modsrc/http.c:857:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize += 7 + strlen(szQop) + 5 + strlen(szNonceCount) + 10 + strlen(szCNonce) + 1;
data/medusa-2.2/src/modsrc/http.c:857:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize += 7 + strlen(szQop) + 5 + strlen(szNonceCount) + 10 + strlen(szCNonce) + 1;
data/medusa-2.2/src/modsrc/http.c:863:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize += 10 + strlen(szOpaque) + 1; 
data/medusa-2.2/src/modsrc/http.c:889:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:889:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szDir) + 17 + strlen(_psSessionData->szHostHeader) +
data/medusa-2.2/src/modsrc/http.c:890:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 17 + strlen(szAuthorization) + 26 +
data/medusa-2.2/src/modsrc/http.c:890:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    14 + strlen(_psSessionData->szUserAgent) + 17 + strlen(szAuthorization) + 26 +
data/medusa-2.2/src/modsrc/http.c:891:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(_psSessionData->szCustomHeader) + 2;
data/medusa-2.2/src/modsrc/http.c:964:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szStatusCode, pTemp, 3);
data/medusa-2.2/src/modsrc/http.c:1001:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*login)->pErrorMsg = malloc( 24 + strlen(pTemp) + 1 );
data/medusa-2.2/src/modsrc/http.c:1002:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*login)->pErrorMsg, 0, 24 + strlen(pTemp) + 1 );
data/medusa-2.2/src/modsrc/http.c:1023:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/http.c:1023:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/http.c:1023:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/http.c:1023:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/imap.c:95:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/imap.c:95:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/imap.c:95:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/imap.c:154:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/imap.c:155:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/imap.c:156:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/imap.c:156:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/imap.c:168:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szTag = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/imap.c:169:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szTag, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/imap.c:170:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szTag, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/imap.c:170:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szTag, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/imap.c:198:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/imap.c:199:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1); 
data/medusa-2.2/src/modsrc/imap.c:200:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/imap.c:200:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/imap.c:392:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 13;
data/medusa-2.2/src/modsrc/imap.c:397:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:419:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bufSend = malloc(strlen(_psSessionData->szTag) + 11 + 1);
data/medusa-2.2/src/modsrc/imap.c:420:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(bufSend, 0, strlen(_psSessionData->szTag) + 11 + 1);
data/medusa-2.2/src/modsrc/imap.c:422:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:450:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nSendBufferSize = strlen(_psSessionData->szTag) + 13;
data/medusa-2.2/src/modsrc/imap.c:455:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:509:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 7 + strlen(szLogin) + 1 + strlen(szPassword) + 4 + 2; 
data/medusa-2.2/src/modsrc/imap.c:509:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 7 + strlen(szLogin) + 1 + strlen(szPassword) + 4 + 2; 
data/medusa-2.2/src/modsrc/imap.c:509:79:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 7 + strlen(szLogin) + 1 + strlen(szPassword) + 4 + 2; 
data/medusa-2.2/src/modsrc/imap.c:524:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:545:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 21;
data/medusa-2.2/src/modsrc/imap.c:550:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:565:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword); 
data/medusa-2.2/src/modsrc/imap.c:565:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword); 
data/medusa-2.2/src/modsrc/imap.c:565:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword); 
data/medusa-2.2/src/modsrc/imap.c:571:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/imap.c:572:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/imap.c:572:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/imap.c:573:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword)); 
data/medusa-2.2/src/modsrc/imap.c:573:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword)); 
data/medusa-2.2/src/modsrc/imap.c:573:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(szTmp + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword)); 
data/medusa-2.2/src/modsrc/imap.c:581:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szEncodedAuth) + 2;
data/medusa-2.2/src/modsrc/imap.c:587:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:618:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(_psSessionData->szTag) + 21;
data/medusa-2.2/src/modsrc/imap.c:623:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:648:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/imap.c:655:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/imap.c:689:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/mssql.c:96:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mssql.c:96:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mssql.c:96:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mssql.c:462:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(ms_login, szLogin, MSLEN);
data/medusa-2.2/src/modsrc/mssql.c:463:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(ms_pass, szPassword, MSLEN);
data/medusa-2.2/src/modsrc/mssql.c:466:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len_login = (unsigned char)strlen(ms_login);
data/medusa-2.2/src/modsrc/mssql.c:467:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len_pass = (unsigned char)strlen(ms_pass);
data/medusa-2.2/src/modsrc/mssql.c:547:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/mssql.c:547:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/mssql.c:547:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/mssql.c:547:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/mysql.c:92:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mysql.c:92:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mysql.c:92:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/mysql.c:147:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/mysql.c:148:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/mysql.c:149:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/mysql.c:149:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/mysql.c:408:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(password) != 16)
data/medusa-2.2/src/modsrc/mysql.c:414:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      hash_password(hash_pass, password, strlen(password));
data/medusa-2.2/src/modsrc/mysql.c:441:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( (strncmp(password, "*", 1) == 0) && (strlen(password) == 2 * SHA1_HASH_SIZE + 1) )  
data/medusa-2.2/src/modsrc/mysql.c:445:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sha1_input(&sha1_context, (uint8 *) password, strlen(password));
data/medusa-2.2/src/modsrc/mysql.c:466:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int login_len = strlen(szLogin) > 16 ? 16 : strlen(szLogin);
data/medusa-2.2/src/modsrc/mysql.c:466:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int login_len = strlen(szLogin) > 16 ? 16 : strlen(szLogin);
data/medusa-2.2/src/modsrc/mysql.c:490:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char*)response + 9, szLogin, login_len);
data/medusa-2.2/src/modsrc/mysql.c:532:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int login_len = strlen(szLogin) > 16 ? 16 : strlen(szLogin);
data/medusa-2.2/src/modsrc/mysql.c:532:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int login_len = strlen(szLogin) > 16 ? 16 : strlen(szLogin);
data/medusa-2.2/src/modsrc/mysql.c:567:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char*)response + 36, szLogin, login_len);  /* NULL terminated username */
data/medusa-2.2/src/modsrc/mysql.c:649:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memcpy(*szSessionSalt, bufReceive + strlen(szServerVersion) + 10, 9);
data/medusa-2.2/src/modsrc/mysql.c:650:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memcpy(*szSessionSalt+8 , bufReceive + strlen(szServerVersion) + 37 , 12); 
data/medusa-2.2/src/modsrc/mysql.c:652:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(*szSessionSalt) != 20)
data/medusa-2.2/src/modsrc/mysql.c:668:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memcpy(*szSessionSalt, bufReceive + strlen(szServerVersion) + 10, 9);
data/medusa-2.2/src/modsrc/mysql.c:670:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(*szSessionSalt) != 8) {
data/medusa-2.2/src/modsrc/mysql.c:705:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(szSessionSalt) == 8 || _psSessionData->protoFlag == PROTO_OLD)
data/medusa-2.2/src/modsrc/ncp.c:85:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ncp.c:85:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ncp.c:85:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ncp.c:145:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ncp.c:146:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ncp.c:147:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ncp.c:147:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ncp.c:159:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->context = malloc(strlen(pOpt));
data/medusa-2.2/src/modsrc/ncp.c:160:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->context, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/ncp.c:160:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->context, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/ncp.c:212:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          szUserContext = malloc(strlen(psCredSet->psUser->pUser) + strlen(_psSessionData->context) + 1);
data/medusa-2.2/src/modsrc/ncp.c:212:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          szUserContext = malloc(strlen(psCredSet->psUser->pUser) + strlen(_psSessionData->context) + 1);
data/medusa-2.2/src/modsrc/ncp.c:213:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(szUserContext, 0, strlen(psCredSet->psUser->pUser) + strlen(_psSessionData->context) + 1);
data/medusa-2.2/src/modsrc/ncp.c:213:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(szUserContext, 0, strlen(psCredSet->psUser->pUser) + strlen(_psSessionData->context) + 1);
data/medusa-2.2/src/modsrc/ncp.c:214:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szUserContext, psCredSet->psUser->pUser, strlen(psCredSet->psUser->pUser));
data/medusa-2.2/src/modsrc/ncp.c:214:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szUserContext, psCredSet->psUser->pUser, strlen(psCredSet->psUser->pUser));
data/medusa-2.2/src/modsrc/ncp.c:215:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szUserContext + strlen(psCredSet->psUser->pUser), _psSessionData->context, strlen(_psSessionData->context));
data/medusa-2.2/src/modsrc/ncp.c:215:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szUserContext + strlen(psCredSet->psUser->pUser), _psSessionData->context, strlen(_psSessionData->context));
data/medusa-2.2/src/modsrc/ncp.c:215:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szUserContext + strlen(psCredSet->psUser->pUser), _psSessionData->context, strlen(_psSessionData->context));
data/medusa-2.2/src/modsrc/ncp.c:367:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t l = strlen(szPassword);
data/medusa-2.2/src/modsrc/ncp.c:413:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/ncp.c:413:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/ncp.c:414:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/ncp.c:414:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/ncp.c:415:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/ncp.c:415:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/ncp.c:416:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/ncp.c:416:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/ncp.c:436:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBNCP_WARNING) + 1;
data/medusa-2.2/src/modsrc/ncp.c:436:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBNCP_WARNING) + 1;
data/medusa-2.2/src/modsrc/ncp.c:436:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBNCP_WARNING) + 1;
data/medusa-2.2/src/modsrc/ncp.c:436:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBNCP_WARNING) + 1;
data/medusa-2.2/src/modsrc/nntp.c:82:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/nntp.c:82:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/nntp.c:82:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/nntp.c:238:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/nntp.c:285:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/nntp.c:328:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/nntp.c:355:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen((char*)szPassword) == 0) 
data/medusa-2.2/src/modsrc/nntp.c:360:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/ntlm.c:128:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_PCVAL(read,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:129:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { PCVAL (inbuf,0,outbuf,len); } \
data/medusa-2.2/src/modsrc/ntlm.c:132:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_PIVAL(read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:133:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { if (big_endian) { RPIVAL(inbuf,0,outbuf,len); } else { PIVAL(inbuf,0,outbuf,len); } } \
data/medusa-2.2/src/modsrc/ntlm.c:136:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_PSVAL(read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:137:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { if (big_endian) { RPSVAL(inbuf,0,outbuf,len); } else { PSVAL(inbuf,0,outbuf,len); } } \
data/medusa-2.2/src/modsrc/ntlm.c:140:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_CVAL(read, inbuf, outbuf, offset) \
data/medusa-2.2/src/modsrc/ntlm.c:141:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { (outbuf) = CVAL (inbuf,offset); } \
data/medusa-2.2/src/modsrc/ntlm.c:144:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_IVAL(read, big_endian, inbuf, outbuf, offset) \
data/medusa-2.2/src/modsrc/ntlm.c:145:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { (outbuf) = ((big_endian) ? RIVAL(inbuf,offset) : IVAL (inbuf,offset)); } \
data/medusa-2.2/src/modsrc/ntlm.c:148:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define RW_SVAL(read, big_endian, inbuf, outbuf, offset) \
data/medusa-2.2/src/modsrc/ntlm.c:149:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { if (read) { (outbuf) = ((big_endian) ? RSVAL(inbuf,offset) : SVAL (inbuf,offset)); } \
data/medusa-2.2/src/modsrc/ntlm.c:249:49:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_PCVAL(charmode,string,depth,base,read,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:250:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_PCVAL(read,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:257:49:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_PSVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:258:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_PSVAL(read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:265:49:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_PIVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:266:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_PIVAL(read,big_endian,inbuf,outbuf,len) \
data/medusa-2.2/src/modsrc/ntlm.c:273:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_CVAL(string,depth,base,read,inbuf,outbuf) \
data/medusa-2.2/src/modsrc/ntlm.c:274:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_CVAL(read,inbuf,outbuf,0) \
data/medusa-2.2/src/modsrc/ntlm.c:278:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_SVAL(string,depth,base,read,big_endian,inbuf,outbuf) \
data/medusa-2.2/src/modsrc/ntlm.c:279:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_SVAL(read,big_endian,inbuf,outbuf,0) \
data/medusa-2.2/src/modsrc/ntlm.c:283:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define DBG_RW_IVAL(string,depth,base,read,big_endian,inbuf,outbuf) \
data/medusa-2.2/src/modsrc/ntlm.c:284:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  { RW_IVAL(read,big_endian,inbuf,outbuf,0) \
data/medusa-2.2/src/modsrc/ntlm.c:841:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(src);
data/medusa-2.2/src/modsrc/ntlm.c:939:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen((char *)passwd);
data/medusa-2.2/src/modsrc/ntlm.c:965:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dump_data(120, passwd, strlen(passwd));
data/medusa-2.2/src/modsrc/ntlm.c:980:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dump_data(120, passwd, strlen(passwd));
data/medusa-2.2/src/modsrc/ntlm.c:1084:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p) len = strlen(p); \
data/medusa-2.2/src/modsrc/ntlm.c:1095:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(p); \
data/medusa-2.2/src/modsrc/ntlm.c:1138:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t l = strlen(p);
data/medusa-2.2/src/modsrc/ntlm.c:1187:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(host) < 128);
data/medusa-2.2/src/modsrc/ntlm.c:1190:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(domain) < 128);
data/medusa-2.2/src/modsrc/ntlm.c:1263:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(domain) < 128);
data/medusa-2.2/src/modsrc/ntlm.c:1266:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(u) < 128);
data/medusa-2.2/src/modsrc/ntlm.c:1269:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(w) < 128);
data/medusa-2.2/src/modsrc/pcanywhere.c:99:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pcanywhere.c:99:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pcanywhere.c:99:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pcanywhere.c:143:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:144:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:145:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/pcanywhere.c:145:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/pcanywhere.c:157:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->domain, pOpt, 16);
data/medusa-2.2/src/modsrc/pcanywhere.c:158:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->domain + strlen(psSessionData->domain) + 1, 0x5C, 1); // '\'
data/medusa-2.2/src/modsrc/pcanywhere.c:300:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(plaintext) > 0)
data/medusa-2.2/src/modsrc/pcanywhere.c:304:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 1; i < strlen(plaintext); i++)
data/medusa-2.2/src/modsrc/pcanywhere.c:357:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bufSend[1] = strlen(clogin);
data/medusa-2.2/src/modsrc/pcanywhere.c:358:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char*)bufSend + 2, clogin, BUF_SIZE - 3);
data/medusa-2.2/src/modsrc/pcanywhere.c:359:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize = strlen(clogin) + 2;
data/medusa-2.2/src/modsrc/pcanywhere.c:364:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(szDomain) > 0) {
data/medusa-2.2/src/modsrc/pcanywhere.c:370:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      szTmp = malloc(strlen(szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:370:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      szTmp = malloc(strlen(szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:371:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(szTmp, 0, strlen(szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:371:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(szTmp, 0, strlen(szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:372:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(szTmp, szDomain, strlen(szDomain));
data/medusa-2.2/src/modsrc/pcanywhere.c:372:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(szTmp, szDomain, strlen(szDomain));
data/medusa-2.2/src/modsrc/pcanywhere.c:373:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(szTmp + strlen(szDomain), '\\', 1);
data/medusa-2.2/src/modsrc/pcanywhere.c:374:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(szTmp + strlen(szDomain) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pcanywhere.c:374:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(szTmp + strlen(szDomain) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pcanywhere.c:374:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(szTmp + strlen(szDomain) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pcanywhere.c:381:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      bufSend[1] = strlen(clogin);
data/medusa-2.2/src/modsrc/pcanywhere.c:382:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy((char*)bufSend + 2, clogin, BUF_SIZE - 3);
data/medusa-2.2/src/modsrc/pcanywhere.c:383:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nSendBufferSize = strlen(clogin) + 2;
data/medusa-2.2/src/modsrc/pcanywhere.c:391:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      bufSend[1] = strlen(clogin) + 1;
data/medusa-2.2/src/modsrc/pcanywhere.c:393:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy((char*)bufSend + 3, clogin, BUF_SIZE - 4);
data/medusa-2.2/src/modsrc/pcanywhere.c:394:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nSendBufferSize = strlen(clogin) + 3;
data/medusa-2.2/src/modsrc/pcanywhere.c:448:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[1] = strlen(cpass);
data/medusa-2.2/src/modsrc/pcanywhere.c:449:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char*)bufSend + 2, cpass, BUF_SIZE - 3);
data/medusa-2.2/src/modsrc/pcanywhere.c:450:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(cpass) + 2;
data/medusa-2.2/src/modsrc/pop3.c:90:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pop3.c:90:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pop3.c:90:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/pop3.c:143:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/pop3.c:144:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/pop3.c:145:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/pop3.c:145:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/pop3.c:187:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/pop3.c:188:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/pop3.c:189:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/pop3.c:189:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/pop3.c:293:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:416:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:482:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:514:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:540:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/pop3.c:540:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/pop3.c:540:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/pop3.c:543:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szTmpBuf, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pop3.c:543:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pop3.c:544:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pop3.c:544:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pop3.c:544:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/pop3.c:545:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/pop3.c:545:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/pop3.c:545:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/pop3.c:545:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/pop3.c:552:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc(11 + strlen(szTmpBuf64) + 2 + 1); 
data/medusa-2.2/src/modsrc/pop3.c:553:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, 11 + strlen(szTmpBuf64) + 2 + 1);
data/medusa-2.2/src/modsrc/pop3.c:558:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:591:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:612:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szPrompt = malloc(strlen((char*)bufReceive + 2) + 1);
data/medusa-2.2/src/modsrc/pop3.c:613:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szPrompt, 0, strlen((char*)bufReceive + 2) + 1);
data/medusa-2.2/src/modsrc/pop3.c:624:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc((2 * strlen(szLogin) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/pop3.c:625:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, (2 * strlen(szLogin) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/pop3.c:626:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base64_encode(szLogin, strlen(szLogin), (char*)bufSend);
data/medusa-2.2/src/modsrc/pop3.c:627:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
  strncat((char*)bufSend, "\r\n", 2);   
data/medusa-2.2/src/modsrc/pop3.c:629:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:644:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szPrompt = malloc(strlen((char*)bufReceive + 2) + 1);
data/medusa-2.2/src/modsrc/pop3.c:645:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szPrompt, 0, strlen((char*)bufReceive + 2) + 1);
data/medusa-2.2/src/modsrc/pop3.c:656:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc((2 * strlen(szPassword) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/pop3.c:657:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, (2 * strlen(szPassword) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/pop3.c:658:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base64_encode(szPassword, strlen(szPassword), (char*)bufSend);
data/medusa-2.2/src/modsrc/pop3.c:659:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
  strncat((char*)bufSend, "\r\n", 2);
data/medusa-2.2/src/modsrc/pop3.c:661:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:694:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:718:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/pop3.c:725:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/pop3.c:758:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/postgres.c:81:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/postgres.c:81:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/postgres.c:81:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/postgres.c:124:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/postgres.c:125:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/postgres.c:126:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/postgres.c:126:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/postgres.c:138:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDB = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/postgres.c:139:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDB, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/postgres.c:140:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->szDB, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/postgres.c:140:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->szDB, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/postgres.c:275:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szConnectionString = malloc(strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:275:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szConnectionString = malloc(strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:275:89:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szConnectionString = malloc(strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:275:110:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szConnectionString = malloc(strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:276:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szConnectionString, 0, strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:276:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szConnectionString, 0, strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:276:91:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szConnectionString, 0, strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:276:112:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szConnectionString, 0, strlen((*psLogin)->psServer->pHostIP) + strlen(szLogin) + strlen(szPassword) + strlen(_psSessionData->szDB) + 47);
data/medusa-2.2/src/modsrc/postgres.c:309:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBPQ_WARNING) + 1;
data/medusa-2.2/src/modsrc/postgres.c:309:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBPQ_WARNING) + 1;
data/medusa-2.2/src/modsrc/postgres.c:309:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBPQ_WARNING) + 1;
data/medusa-2.2/src/modsrc/postgres.c:309:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBPQ_WARNING) + 1;
data/medusa-2.2/src/modsrc/rdp.c:100:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rdp.c:100:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rdp.c:100:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rdp.c:155:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/rdp.c:156:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/rdp.c:157:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/rdp.c:157:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/rdp.c:169:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/rdp.c:170:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/rdp.c:171:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/rdp.c:171:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/rdp.c:540:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(szPassword) == 0)
data/medusa-2.2/src/modsrc/rexec.c:73:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rexec.c:73:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rexec.c:73:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rexec.c:227:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rexec.c:227:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rexec.c:228:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1]=0x00;
data/medusa-2.2/src/modsrc/rexec.c:229:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rexec.c:229:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rexec.c:229:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rexec.c:230:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1]=0x00;
data/medusa-2.2/src/modsrc/rexec.c:230:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1]=0x00;
data/medusa-2.2/src/modsrc/rexec.c:231:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rexec.c:231:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rexec.c:231:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rexec.c:232:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1+3]=0x00;
data/medusa-2.2/src/modsrc/rexec.c:232:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1+3]=0x00;
data/medusa-2.2/src/modsrc/rexec.c:234:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szPassword)+1+4 , 0) < 0)
data/medusa-2.2/src/modsrc/rexec.c:234:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szPassword)+1+4 , 0) < 0)
data/medusa-2.2/src/modsrc/rlogin.c:72:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rlogin.c:72:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rlogin.c:72:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rlogin.c:225:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rlogin.c:225:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rlogin.c:226:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1]=0x00;
data/medusa-2.2/src/modsrc/rlogin.c:227:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+2+strlen(szLogin), szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rlogin.c:227:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rlogin.c:227:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rlogin.c:228:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szLogin)+1]=0x00;
data/medusa-2.2/src/modsrc/rlogin.c:228:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szLogin)+1]=0x00;
data/medusa-2.2/src/modsrc/rlogin.c:229:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szLogin)+1, "xterm", 5);
data/medusa-2.2/src/modsrc/rlogin.c:229:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szLogin)+1, "xterm", 5);
data/medusa-2.2/src/modsrc/rlogin.c:229:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szLogin)+1, "xterm", 5);
data/medusa-2.2/src/modsrc/rlogin.c:230:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szLogin)+1+7]=0x00;
data/medusa-2.2/src/modsrc/rlogin.c:230:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szLogin)+1+7]=0x00;
data/medusa-2.2/src/modsrc/rlogin.c:232:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szLogin)+1+7 , 0) < 0)
data/medusa-2.2/src/modsrc/rlogin.c:232:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szLogin)+1+7 , 0) < 0)
data/medusa-2.2/src/modsrc/rlogin.c:261:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/rsh.c:73:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rsh.c:73:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rsh.c:73:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/rsh.c:230:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rsh.c:230:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/rsh.c:231:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1]=0x00;
data/medusa-2.2/src/modsrc/rsh.c:232:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rsh.c:232:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rsh.c:232:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+2+strlen(szLogin), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/rsh.c:233:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1]=0x00;
data/medusa-2.2/src/modsrc/rsh.c:233:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1]=0x00;
data/medusa-2.2/src/modsrc/rsh.c:234:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rsh.c:234:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rsh.c:234:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend+1+strlen(szLogin)+1+strlen(szPassword)+1, "id", 3);
data/medusa-2.2/src/modsrc/rsh.c:235:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1+3]=0x00;
data/medusa-2.2/src/modsrc/rsh.c:235:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend[strlen(szLogin)+1+strlen(szPassword)+1+3]=0x00;
data/medusa-2.2/src/modsrc/rsh.c:237:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szPassword)+1+4 , 0) < 0)
data/medusa-2.2/src/modsrc/rsh.c:237:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen(szLogin)+1+strlen(szPassword)+1+4 , 0) < 0)
data/medusa-2.2/src/modsrc/smbnt.c:194:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:194:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:194:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:291:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:292:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:293:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smbnt.c:293:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smbnt.c:321:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->workgroup_other, pOpt, 16);
data/medusa-2.2/src/modsrc/smbnt.c:537:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pOptTmp = malloc( strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:538:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(pOptTmp, 0, strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:539:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(pOptTmp, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:539:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(pOptTmp, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:543:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *) _psSessionData->workgroup_other, pOpt, 16);
data/medusa-2.2/src/modsrc/smbnt.c:547:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szUser = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:548:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szUser, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:549:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szUser, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smbnt.c:549:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(szUser, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smbnt.c:558:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szUser = malloc(strlen(szLogin) + 1); 
data/medusa-2.2/src/modsrc/smbnt.c:559:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szUser, 0, strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:560:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(szUser, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:560:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(szUser, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:690:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *)password, (char *)pass, 14);
data/medusa-2.2/src/modsrc/smbnt.c:757:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      for (i = 0; i < strlen((char *) pass); i++)
data/medusa-2.2/src/modsrc/smbnt.c:760:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      mdlen = strlen((char *) pass) * 2;    /* length in bytes */
data/medusa-2.2/src/modsrc/smbnt.c:804:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i < strlen((char *) pass); i++)
data/medusa-2.2/src/modsrc/smbnt.c:807:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    mdlen = strlen((char *) pass) * 2;    /* length in bytes */
data/medusa-2.2/src/modsrc/smbnt.c:903:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen((char *)szLogin); i++)
data/medusa-2.2/src/modsrc/smbnt.c:912:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen((char *)_psSessionData->workgroup); i++)
data/medusa-2.2/src/modsrc/smbnt.c:916:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hmac_md5_update((const unsigned char *)unicodeUsername, 2 * strlen((char *)szLogin), &ctx);
data/medusa-2.2/src/modsrc/smbnt.c:917:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hmac_md5_update((const unsigned char *)unicodeTarget, 2 * strlen((char *)_psSessionData->workgroup), &ctx);
data/medusa-2.2/src/modsrc/smbnt.c:994:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iTargetLen = 2 * strlen((char *)_psSessionData->workgroup);
data/medusa-2.2/src/modsrc/smbnt.c:1024:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen((char *)szLogin); i++)
data/medusa-2.2/src/modsrc/smbnt.c:1033:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen((char *)_psSessionData->workgroup); i++)
data/medusa-2.2/src/modsrc/smbnt.c:1037:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hmac_md5_update((const unsigned char *)unicodeUsername, 2 * strlen((char *)szLogin), &ctx);
data/medusa-2.2/src/modsrc/smbnt.c:1038:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hmac_md5_update((const unsigned char *)unicodeTarget, 2 * strlen((char *)_psSessionData->workgroup), &ctx);
data/medusa-2.2/src/modsrc/smbnt.c:1094:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen((char *)_psSessionData->workgroup); i++)
data/medusa-2.2/src/modsrc/smbnt.c:1446:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(_psSessionData->workgroup, _psSessionData->workgroup_other, 16);
data/medusa-2.2/src/modsrc/smbnt.c:1659:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iByteCount = 2 * strlen(szPassword) + 2;
data/medusa-2.2/src/modsrc/smbnt.c:1675:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *)buf + iOffset, szPassword, 256);
data/medusa-2.2/src/modsrc/smbnt.c:1684:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(buf + iOffset + iByteCount, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smbnt.c:1685:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iByteCount += strlen(szLogin) + 1; /* NULL pad account name */
data/medusa-2.2/src/modsrc/smbnt.c:1686:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(buf + iOffset + iByteCount, _psSessionData->workgroup, strlen((char *) _psSessionData->workgroup));
data/medusa-2.2/src/modsrc/smbnt.c:1687:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iByteCount += strlen((char *) _psSessionData->workgroup) + 1; /* NULL pad workgroup name */
data/medusa-2.2/src/modsrc/smbnt.c:1691:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iByteCount += strlen("Unix") + 1; /* NULL pad OS name */
data/medusa-2.2/src/modsrc/smbnt.c:1693:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iByteCount += strlen("Samba") + 1; /* NULL pad LAN Manager name */
data/medusa-2.2/src/modsrc/smbnt.c:1720:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iByteCount = 1 + 2 + strlen((char *) (*psLogin)->psServer->pHostIP) + 7 + 1 + 6;
data/medusa-2.2/src/modsrc/smbnt.c:1734:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(buf + iOffset, szPath, strlen((char *)szPath));
data/medusa-2.2/src/modsrc/smbnt.c:1735:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iOffset += strlen((char *)szPath) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:1893:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1893:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1894:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1894:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1895:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/smbnt.c:1895:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/smbnt.c:1896:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/smbnt.c:1896:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/smbnt.c:1924:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1924:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      (*psLogin)->pErrorMsg = malloc( strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1925:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1925:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset((*psLogin)->pErrorMsg, 0, strlen(ErrorCode) + strlen(pErrorMsg) + 1);
data/medusa-2.2/src/modsrc/smbnt.c:1926:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/smbnt.c:1926:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy((*psLogin)->pErrorMsg, ErrorCode, strlen(ErrorCode));
data/medusa-2.2/src/modsrc/smbnt.c:1927:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/smbnt.c:1927:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncat((*psLogin)->pErrorMsg, pErrorMsg, strlen(pErrorMsg));
data/medusa-2.2/src/modsrc/smbnt.c:1954:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:1954:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:1954:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/smbnt.c:1954:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:96:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:96:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:96:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:147:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:148:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:149:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:149:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:181:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szHELO = malloc(strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:182:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szHELO, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:182:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szHELO, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:194:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szMAILFROM = malloc(strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:195:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szMAILFROM, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:195:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szMAILFROM, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp-vrfy.c:383:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szHELO) + 2;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:392:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp-vrfy.c:418:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp-vrfy.c:446:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nSendBufferSize = 5 + strlen(_psSessionData->szHELO) + 2;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:451:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp-vrfy.c:479:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 12 + strlen(_psSessionData->szMAILFROM) + 3;
data/medusa-2.2/src/modsrc/smtp-vrfy.c:484:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp-vrfy.c:518:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
      strncpy(szVerb, "VRFY", 4);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:522:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
      strncpy(szVerb, "EXPN", 4);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:526:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
      strncpy(szVerb, "RCPT TO:", 8);
data/medusa-2.2/src/modsrc/smtp-vrfy.c:532:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(szDomain) > 0)
data/medusa-2.2/src/modsrc/smtp-vrfy.c:541:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:92:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp.c:92:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp.c:92:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/smtp.c:145:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smtp.c:146:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/smtp.c:147:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smtp.c:147:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/smtp.c:175:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/smtp.c:176:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/smtp.c:177:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp.c:177:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp.c:189:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szEHLO = malloc(strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp.c:190:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szEHLO, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp.c:190:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szEHLO, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/smtp.c:361:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = 5 + strlen(_psSessionData->szEHLO) + 2;
data/medusa-2.2/src/modsrc/smtp.c:366:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:392:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:420:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nSendBufferSize = 5 + strlen(_psSessionData->szEHLO) + 2;
data/medusa-2.2/src/modsrc/smtp.c:425:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:510:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:526:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/smtp.c:526:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/smtp.c:526:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
data/medusa-2.2/src/modsrc/smtp.c:529:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)szTmpBuf, szLogin, strlen((char *)szLogin));
data/medusa-2.2/src/modsrc/smtp.c:529:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf, szLogin, strlen((char *)szLogin));
data/medusa-2.2/src/modsrc/smtp.c:530:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smtp.c:530:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smtp.c:530:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/smtp.c:531:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/smtp.c:531:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/smtp.c:531:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/smtp.c:531:85:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/smtp.c:538:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc(strlen((char *)szTmpBuf64) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:539:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, strlen((char *)szTmpBuf64) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:544:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:580:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:604:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szPrompt = malloc(strlen((char *)szTmpBuf) + 1);
data/medusa-2.2/src/modsrc/smtp.c:605:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szPrompt, 0, strlen((char *)szTmpBuf) + 1);
data/medusa-2.2/src/modsrc/smtp.c:619:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szLoginDomain = malloc(strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smtp.c:619:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    szLoginDomain = malloc(strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smtp.c:620:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szLoginDomain, 0, strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smtp.c:620:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(szLoginDomain, 0, strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
data/medusa-2.2/src/modsrc/smtp.c:628:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc((2 * strlen((char *)szLoginDomain) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:629:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, (2 * strlen((char *)szLoginDomain) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:630:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base64_encode((char *)szLoginDomain, strlen((char *)szLoginDomain), (char *)bufSend);
data/medusa-2.2/src/modsrc/smtp.c:631:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
  strncat((char *)bufSend, "\r\n", 2);
data/medusa-2.2/src/modsrc/smtp.c:636:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:659:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  szPrompt = malloc(strlen((char *)szTmpBuf) + 1);
data/medusa-2.2/src/modsrc/smtp.c:660:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(szPrompt, 0, strlen((char *)szTmpBuf) + 1);
data/medusa-2.2/src/modsrc/smtp.c:671:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc((2 * strlen(szPassword) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:672:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, (2 * strlen(szPassword) + 2) + 2 + 1);
data/medusa-2.2/src/modsrc/smtp.c:673:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base64_encode((char *)szPassword, strlen((char *)szPassword), (char *)bufSend);
data/medusa-2.2/src/modsrc/smtp.c:674:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
  strncat((char *)bufSend, "\r\n", 2);
data/medusa-2.2/src/modsrc/smtp.c:676:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:711:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen((char *)szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/smtp.c:718:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/smtp.c:752:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen((char *)szTmpBuf64) + 2;
data/medusa-2.2/src/modsrc/snmp.c:94:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/snmp.c:94:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/snmp.c:94:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/snmp.c:165:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/snmp.c:166:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/snmp.c:167:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/snmp.c:167:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/snmp.c:298:9:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
        usleep(_psSessionData->nSendDelay);
data/medusa-2.2/src/modsrc/snmp.c:597:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = sizeof(snmpv1_a) + sizeof(snmpv1_r) + strlen(szPassword); 
data/medusa-2.2/src/modsrc/snmp.c:598:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snmpv1_a.comlen = (char) strlen(szPassword);
data/medusa-2.2/src/modsrc/snmp.c:604:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(bufSend + sizeof(snmpv1_a), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/snmp.c:605:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(bufSend + sizeof(snmpv1_a) + strlen(szPassword), &snmpv1_r, sizeof(snmpv1_r));
data/medusa-2.2/src/modsrc/snmp.c:664:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = sizeof(snmpv1_a) + sizeof(snmpv1_w) + strlen(szPassword) + strlen(szLocation) + 1; 
data/medusa-2.2/src/modsrc/snmp.c:664:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = sizeof(snmpv1_a) + sizeof(snmpv1_w) + strlen(szPassword) + strlen(szLocation) + 1; 
data/medusa-2.2/src/modsrc/snmp.c:665:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snmpv1_a.comlen = (char) strlen(szPassword);
data/medusa-2.2/src/modsrc/snmp.c:671:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(bufSend + sizeof(snmpv1_a), szPassword, strlen(szPassword));
data/medusa-2.2/src/modsrc/snmp.c:672:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(bufSend + sizeof(snmpv1_a) + strlen(szPassword), &snmpv1_w, sizeof(snmpv1_w));
data/medusa-2.2/src/modsrc/snmp.c:673:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 1, 28 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:673:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 1, 28 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:674:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 15, 14 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:674:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 15, 14 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:675:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 17, 12 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:675:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + 17, 12 + strlen(szLocation), 1); /* set length remaining */
data/medusa-2.2/src/modsrc/snmp.c:676:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + sizeof(snmpv1_w) - 1, strlen(szLocation), 1);
data/medusa-2.2/src/modsrc/snmp.c:676:82:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend + sizeof(snmpv1_a) + strlen(szPassword) + sizeof(snmpv1_w) - 1, strlen(szLocation), 1);
data/medusa-2.2/src/modsrc/snmp.c:677:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)bufSend + sizeof(snmpv1_a) + strlen(szPassword) + sizeof(snmpv1_w), szLocation, strlen(szLocation));
data/medusa-2.2/src/modsrc/snmp.c:677:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend + sizeof(snmpv1_a) + strlen(szPassword) + sizeof(snmpv1_w), szLocation, strlen(szLocation));
data/medusa-2.2/src/modsrc/snmp.c:677:99:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy((char *)bufSend + sizeof(snmpv1_a) + strlen(szPassword) + sizeof(snmpv1_w), szLocation, strlen(szLocation));
data/medusa-2.2/src/modsrc/ssh.c:93:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ssh.c:93:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ssh.c:93:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/ssh.c:134:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ssh.c:135:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/ssh.c:136:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ssh.c:136:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/ssh.c:145:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szBannerMsg = malloc(strlen(pOpt));
data/medusa-2.2/src/modsrc/ssh.c:146:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szBannerMsg, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/ssh.c:146:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szBannerMsg, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/ssh.c:252:78:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if ((strncmp(_psSessionData->szBannerMsg, "SSH-2.0-", 8) != 0) || (strlen(_psSessionData->szBannerMsg) > 253)) {
data/medusa-2.2/src/modsrc/ssh.c:422:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        responses[i].text = malloc( strlen(pPass) );
data/medusa-2.2/src/modsrc/ssh.c:423:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(responses[i].text, 0, strlen(pPass));
data/medusa-2.2/src/modsrc/ssh.c:424:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(responses[i].text, pPass, strlen(pPass));
data/medusa-2.2/src/modsrc/ssh.c:424:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(responses[i].text, pPass, strlen(pPass));
data/medusa-2.2/src/modsrc/ssh.c:425:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        responses[i].length = strlen(pPass);
data/medusa-2.2/src/modsrc/ssh.c:458:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pErrorMsg = libssh2_userauth_list(session, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/ssh.c:547:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSSH2_WARNING) + 1;
data/medusa-2.2/src/modsrc/ssh.c:547:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSSH2_WARNING) + 1;
data/medusa-2.2/src/modsrc/ssh.c:547:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSSH2_WARNING) + 1;
data/medusa-2.2/src/modsrc/ssh.c:547:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSSH2_WARNING) + 1;
data/medusa-2.2/src/modsrc/svn.c:87:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/svn.c:87:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/svn.c:87:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/svn.c:130:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/svn.c:131:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/svn.c:132:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/svn.c:132:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/svn.c:144:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szBranch = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/svn.c:145:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szBranch, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/svn.c:146:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->szBranch, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/svn.c:146:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->szBranch, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/svn.c:201:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(_psSessionData->szBranch, "/");
data/medusa-2.2/src/modsrc/svn.c:204:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _psSessionData->szURL = malloc(strlen(psLogin->psServer->pHostIP) + log(params.nPort) + strlen(_psSessionData->szBranch) + 10);
data/medusa-2.2/src/modsrc/svn.c:204:91:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _psSessionData->szURL = malloc(strlen(psLogin->psServer->pHostIP) + log(params.nPort) + strlen(_psSessionData->szBranch) + 10);
data/medusa-2.2/src/modsrc/svn.c:205:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(_psSessionData->szURL, 0, strlen(psLogin->psServer->pHostIP) + log(params.nPort) + strlen(_psSessionData->szBranch) + 10);
data/medusa-2.2/src/modsrc/svn.c:205:93:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(_psSessionData->szURL, 0, strlen(psLogin->psServer->pHostIP) + log(params.nPort) + strlen(_psSessionData->szBranch) + 10);
data/medusa-2.2/src/modsrc/svn.c:410:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSVN_WARNING) + 1;
data/medusa-2.2/src/modsrc/svn.c:410:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSVN_WARNING) + 1;
data/medusa-2.2/src/modsrc/svn.c:410:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSVN_WARNING) + 1;
data/medusa-2.2/src/modsrc/svn.c:410:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(LIBSVN_WARNING) + 1;
data/medusa-2.2/src/modsrc/telnet.c:110:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/telnet.c:110:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/telnet.c:110:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/telnet.c:153:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/telnet.c:154:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/telnet.c:155:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/telnet.c:155:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/telnet.c:443:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nSendBufferSize = strlen((char *)bufSend) + 1;  // Count the null terminator
data/medusa-2.2/src/modsrc/telnet.c:469:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strcspn((char *)bufReceive, KNOWN_PROMPTS) != strlen((char *)bufReceive))
data/medusa-2.2/src/modsrc/telnet.c:521:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen((char *)bufSend) + 1;  // Count the null terminator
data/medusa-2.2/src/modsrc/telnet.c:568:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strcspn((char *)bufReceive, KNOWN_PROMPTS) != strlen((char *)bufReceive))
data/medusa-2.2/src/modsrc/telnet.c:661:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szUser, szLogin, 10);
data/medusa-2.2/src/modsrc/telnet.c:662:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(szPass, szPassword, 128);
data/medusa-2.2/src/modsrc/telnet.c:665:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nSendBufferSize = strlen((char *)bufSend) + 1;
data/medusa-2.2/src/modsrc/telnet.c:689:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:690:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:691:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:691:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:699:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:700:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:701:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:701:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:709:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:710:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:711:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:711:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:732:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:733:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:734:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:734:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:742:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:743:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:744:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:744:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:752:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:753:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:754:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:754:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:762:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*psLogin)->pErrorMsg = malloc( strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:763:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset((*psLogin)->pErrorMsg, 0, strlen(szErrorMsg) + 1 );
data/medusa-2.2/src/modsrc/telnet.c:764:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/telnet.c:764:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((*psLogin)->pErrorMsg, szErrorMsg, strlen(szErrorMsg));
data/medusa-2.2/src/modsrc/vmauthd.c:74:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vmauthd.c:74:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vmauthd.c:74:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vmauthd.c:262:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc(strlen(szLogin) + 7 + 1);
data/medusa-2.2/src/modsrc/vmauthd.c:263:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, strlen(szLogin) + 7 + 1);
data/medusa-2.2/src/modsrc/vmauthd.c:266:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/vmauthd.c:284:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufSend = malloc(strlen(szPassword) + 7 + 1);
data/medusa-2.2/src/modsrc/vmauthd.c:285:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(bufSend, 0, strlen(szPassword) + 7 + 1);
data/medusa-2.2/src/modsrc/vmauthd.c:288:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
data/medusa-2.2/src/modsrc/vnc.c:100:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vnc.c:100:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vnc.c:100:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/vnc.c:158:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/vnc.c:159:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/vnc.c:160:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/vnc.c:160:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/vnc.c:182:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDomain = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/vnc.c:183:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDomain, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/vnc.c:184:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/vnc.c:184:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *) psSessionData->szDomain, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/vnc.c:374:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (i < strlen(passwd)) {
data/medusa-2.2/src/modsrc/vnc.c:393:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (i < strlen(passwd)) {
data/medusa-2.2/src/modsrc/vnc.c:512:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(0.5 * 1000000);
data/medusa-2.2/src/modsrc/vnc.c:868:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((_psSessionData->szDomain) && (strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) < 256))
data/medusa-2.2/src/modsrc/vnc.c:868:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((_psSessionData->szDomain) && (strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) < 256))
data/medusa-2.2/src/modsrc/vnc.c:870:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *)ms_user, _psSessionData->szDomain, strlen(_psSessionData->szDomain));
data/medusa-2.2/src/modsrc/vnc.c:870:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy((char *)ms_user, _psSessionData->szDomain, strlen(_psSessionData->szDomain));
data/medusa-2.2/src/modsrc/vnc.c:871:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
    strncat((char *)ms_user, "\\", 1);
data/medusa-2.2/src/modsrc/vnc.c:872:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat((char *)ms_user, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/vnc.c:872:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncat((char *)ms_user, szLogin, strlen(szLogin));
data/medusa-2.2/src/modsrc/vnc.c:875:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *)ms_user, szLogin, 256);
data/medusa-2.2/src/modsrc/vnc.c:877:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *)ms_passwd, szPassword, 64);
data/medusa-2.2/src/modsrc/vnc.c:1015:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/vnc.c:1015:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/vnc.c:1015:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/vnc.c:1015:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/web-form.c:93:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/web-form.c:93:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/web-form.c:93:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/web-form.c:146:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/web-form.c:147:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/web-form.c:148:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/web-form.c:148:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/web-form.c:160:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDir = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:161:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDir, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:162:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szDir, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:162:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szDir, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:174:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szDenySignal= malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:175:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szDenySignal, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:176:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szDenySignal, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:176:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szDenySignal, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:188:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szFormData = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:189:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szFormData, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:190:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szFormData, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:190:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szFormData, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:202:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szUserAgent = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:203:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szUserAgent, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:204:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(psSessionData->szUserAgent, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:204:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(psSessionData->szUserAgent, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:218:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            psSessionData->szCustomHeader = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/web-form.c:219:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memset(psSessionData->szCustomHeader, 0, strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/web-form.c:220:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(psSessionData->szCustomHeader, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:220:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy(psSessionData->szCustomHeader, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:221:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
            strncpy(psSessionData->szCustomHeader + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/web-form.c:221:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy(psSessionData->szCustomHeader + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/web-form.c:226:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int oldSize = strlen(psSessionData->szCustomHeader);
data/medusa-2.2/src/modsrc/web-form.c:227:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            psSessionData->szCustomHeader = realloc(psSessionData->szCustomHeader, oldSize + strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/web-form.c:228:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memset(psSessionData->szCustomHeader + oldSize, 0, strlen(pOpt) + 3);
data/medusa-2.2/src/modsrc/web-form.c:229:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(psSessionData->szCustomHeader + oldSize, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:229:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy(psSessionData->szCustomHeader + oldSize, pOpt, strlen(pOpt));
data/medusa-2.2/src/modsrc/web-form.c:230:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
            strncpy(psSessionData->szCustomHeader + oldSize + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/web-form.c:230:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy(psSessionData->szCustomHeader + oldSize + strlen(pOpt), "\r\n", 2);
data/medusa-2.2/src/modsrc/web-form.c:314:11:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
          sprintf(_psSessionData->szDir, "/");
data/medusa-2.2/src/modsrc/web-form.c:318:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nBufLength = strlen(_psLogin->psServer->psHost->pHost) + 1 + log(params.nPort) + 1;
data/medusa-2.2/src/modsrc/web-form.c:354:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              _psSessionData->szFormUser = malloc( strlen(pTemp) + 1 );
data/medusa-2.2/src/modsrc/web-form.c:355:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              memset(_psSessionData->szFormUser, 0, strlen(pTemp) + 1);
data/medusa-2.2/src/modsrc/web-form.c:356:15:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
              strncpy(_psSessionData->szFormUser, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:356:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              strncpy(_psSessionData->szFormUser, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:362:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              _psSessionData->szFormPass = malloc( strlen(pTemp) + 1);
data/medusa-2.2/src/modsrc/web-form.c:363:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              memset(_psSessionData->szFormPass, 0, strlen(pTemp) + 1);
data/medusa-2.2/src/modsrc/web-form.c:364:15:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
              strncpy(_psSessionData->szFormPass, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:364:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              strncpy(_psSessionData->szFormPass, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:370:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              _psSessionData->szFormRest = malloc( strlen(pTemp) + 1 );
data/medusa-2.2/src/modsrc/web-form.c:371:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              memset(_psSessionData->szFormRest, 0, strlen(pTemp) + 1);
data/medusa-2.2/src/modsrc/web-form.c:372:15:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
              strncpy(_psSessionData->szFormRest, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:372:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              strncpy(_psSessionData->szFormRest, pTemp, strlen(pTemp));
data/medusa-2.2/src/modsrc/web-form.c:476:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t iLen=strlen(szStr);
data/medusa-2.2/src/modsrc/web-form.c:623:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/web-form.c:623:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/web-form.c:623:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/web-form.c:623:103:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + strlen(OPENSSL_WARNING) + 1;
data/medusa-2.2/src/modsrc/wrapper.c:89:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/wrapper.c:89:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/wrapper.c:89:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iLength = strlen(MODULE_SUMMARY_USAGE) + strlen(MODULE_VERSION) + strlen(MODULE_SUMMARY_FORMAT) + 1;
data/medusa-2.2/src/modsrc/wrapper.c:145:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pOptTmp = malloc( strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:146:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memset(pOptTmp, 0, strlen(argv[i]) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:147:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/wrapper.c:147:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strncpy(pOptTmp, argv[i], strlen(argv[i]));
data/medusa-2.2/src/modsrc/wrapper.c:173:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szCmd = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:174:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szCmd, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:175:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->szCmd, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:175:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->szCmd, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:187:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          psSessionData->szCmdParam = malloc(strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:188:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memset(psSessionData->szCmdParam, 0, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:189:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy((char *)psSessionData->szCmdParam, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:189:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy((char *)psSessionData->szCmdParam, pOpt, strlen(pOpt) + 1);
data/medusa-2.2/src/modsrc/wrapper.c:248:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength = strlen(_psSessionData->szCmdParam);
data/medusa-2.2/src/modsrc/wrapper.c:250:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength += strlen(psLogin->psServer->pHostIP);
data/medusa-2.2/src/modsrc/wrapper.c:251:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength += strlen(psCredSet->psUser->pUser);
data/medusa-2.2/src/modsrc/wrapper.c:252:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength += strlen(psCredSet->pPass);
data/medusa-2.2/src/modsrc/wrapper.c:257:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength = strlen(_psSessionData->szCmdParam);
data/medusa-2.2/src/modsrc/wrapper.c:259:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength += strlen(psLogin->psServer->pHostIP);
data/medusa-2.2/src/modsrc/wrapper.c:260:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          nCmdLength += strlen(psCredSet->psUser->pUser);
data/medusa-2.2/src/modsrc/wrapper.c:274:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp, _psSessionData->szCmdParam, nCmdPartLength); 
data/medusa-2.2/src/modsrc/wrapper.c:275:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp + nCmdPartLength, psLogin->psServer->pHostIP, strlen(psLogin->psServer->pHostIP)); 
data/medusa-2.2/src/modsrc/wrapper.c:275:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength, psLogin->psServer->pHostIP, strlen(psLogin->psServer->pHostIP)); 
data/medusa-2.2/src/modsrc/wrapper.c:276:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psLogin->psServer->pHostIP), szTmp + 2, strlen(szTmp) - 2);
data/medusa-2.2/src/modsrc/wrapper.c:276:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psLogin->psServer->pHostIP), szTmp + 2, strlen(szTmp) - 2);
data/medusa-2.2/src/modsrc/wrapper.c:276:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psLogin->psServer->pHostIP), szTmp + 2, strlen(szTmp) - 2);
data/medusa-2.2/src/modsrc/wrapper.c:293:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(_psSessionData->szCmdParamFull, szCmdTmp, nCmdPartLength); 
data/medusa-2.2/src/modsrc/wrapper.c:294:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(_psSessionData->szCmdParamFull + nCmdPartLength, psCredSet->psUser->pUser, strlen(psCredSet->psUser->pUser)); 
data/medusa-2.2/src/modsrc/wrapper.c:294:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(_psSessionData->szCmdParamFull + nCmdPartLength, psCredSet->psUser->pUser, strlen(psCredSet->psUser->pUser)); 
data/medusa-2.2/src/modsrc/wrapper.c:295:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(_psSessionData->szCmdParamFull + nCmdPartLength + strlen(psCredSet->psUser->pUser), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:295:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(_psSessionData->szCmdParamFull + nCmdPartLength + strlen(psCredSet->psUser->pUser), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:295:114:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(_psSessionData->szCmdParamFull + nCmdPartLength + strlen(psCredSet->psUser->pUser), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:312:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp, _psSessionData->szCmdParamFull, nCmdPartLength); 
data/medusa-2.2/src/modsrc/wrapper.c:313:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp + nCmdPartLength, psCredSet->pPass, strlen(psCredSet->pPass)); 
data/medusa-2.2/src/modsrc/wrapper.c:313:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength, psCredSet->pPass, strlen(psCredSet->pPass)); 
data/medusa-2.2/src/modsrc/wrapper.c:314:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psCredSet->pPass), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:314:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psCredSet->pPass), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:314:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strncpy(szCmdTmp + nCmdPartLength + strlen(psCredSet->pPass), szTmp + 2, strlen(szTmp) - 2); 
data/medusa-2.2/src/modsrc/wrapper.c:316:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy(_psSessionData->szCmdParamFull, szCmdTmp, nCmdLength + 1);
data/medusa-2.2/src/modsrc/wrapper.c:333:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psSessionData->szCmdFull = malloc(strlen(_psSessionData->szCmd) + strlen(_psSessionData->szCmdParamFull) + 7);
data/medusa-2.2/src/modsrc/wrapper.c:333:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        _psSessionData->szCmdFull = malloc(strlen(_psSessionData->szCmd) + strlen(_psSessionData->szCmdParamFull) + 7);
data/medusa-2.2/src/modsrc/wrapper.c:334:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psSessionData->szCmdFull, 0, strlen(_psSessionData->szCmd) + strlen(_psSessionData->szCmdParamFull) + 7);
data/medusa-2.2/src/modsrc/wrapper.c:334:78:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset(_psSessionData->szCmdFull, 0, strlen(_psSessionData->szCmd) + strlen(_psSessionData->szCmdParamFull) + 7);
data/medusa-2.2/src/modsrc/wrapper.c:335:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(_psSessionData->szCmdFull, _psSessionData->szCmd, strlen(_psSessionData->szCmd));
data/medusa-2.2/src/modsrc/wrapper.c:335:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(_psSessionData->szCmdFull, _psSessionData->szCmd, strlen(_psSessionData->szCmd));
data/medusa-2.2/src/modsrc/wrapper.c:336:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
        strncat(_psSessionData->szCmdFull, " ", 1);
data/medusa-2.2/src/modsrc/wrapper.c:337:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
        strncat(_psSessionData->szCmdFull, _psSessionData->szCmdParamFull, strlen(_psSessionData->szCmdParamFull));
data/medusa-2.2/src/modsrc/wrapper.c:337:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncat(_psSessionData->szCmdFull, _psSessionData->szCmdParamFull, strlen(_psSessionData->szCmdParamFull));
data/medusa-2.2/src/modsrc/wrapper.c:338:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
        strncat(_psSessionData->szCmdFull, " 1>&2", 5);
data/medusa-2.2/src/modsrc/wrapper.c:512:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bufSend = malloc(strlen(szPassword) + 2);
data/medusa-2.2/src/modsrc/wrapper.c:513:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(bufSend, 0, strlen(szPassword) + 2);
data/medusa-2.2/src/modsrc/wrapper.c:515:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iDataProcessed = write(_psSessionData->PARENT_WRITE, bufSend, strlen(bufSend));
data/medusa-2.2/src/modsrc/wrapper.c:530:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    iDataProcessed = read(_psSessionData->PARENT_READ, buffer, BUFSIZ);
data/medusa-2.2/src/modsrc/wrapper.c:567:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pBufTmp, buffer, sizeof(buffer));
data/medusa-2.2/src/uthash.h:203:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    HASH_FIND(hh,head,findstr,strlen(findstr),out)
data/medusa-2.2/src/uthash.h:205:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    HASH_ADD(hh,head,strfield,strlen(add->strfield),add)

ANALYSIS SUMMARY:

Hits = 1415
Lines analyzed = 26017 in approximately 0.83 seconds (31385 lines/second)
Physical Source Lines of Code (SLOC) = 19087
Hits@level = [0]  74 [1] 988 [2] 329 [3]   2 [4]  96 [5]   0
Hits@level+ = [0+] 1489 [1+] 1415 [2+] 427 [3+]  98 [4+]  96 [5+]   0
Hits/KSLOC@level+ = [0+] 78.0112 [1+] 74.1342 [2+] 22.3712 [3+] 5.13438 [4+] 5.0296 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.