Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mercurial-5.5.2/hgext/fsmonitor/pywatchman/bser.c
Examining data/mercurial-5.5.2/contrib/hgsh/hgsh.c
Examining data/mercurial-5.5.2/contrib/fuzz/revlog.cc
Examining data/mercurial-5.5.2/contrib/fuzz/dirs.cc
Examining data/mercurial-5.5.2/contrib/fuzz/standalone_fuzz_target_runner.cc
Examining data/mercurial-5.5.2/contrib/fuzz/xdiff.cc
Examining data/mercurial-5.5.2/contrib/fuzz/bdiff.cc
Examining data/mercurial-5.5.2/contrib/fuzz/manifest.cc
Examining data/mercurial-5.5.2/contrib/fuzz/pyutil.h
Examining data/mercurial-5.5.2/contrib/fuzz/jsonescapeu8fast.cc
Examining data/mercurial-5.5.2/contrib/fuzz/dirstate.cc
Examining data/mercurial-5.5.2/contrib/fuzz/pyutil.cc
Examining data/mercurial-5.5.2/contrib/fuzz/fncache.cc
Examining data/mercurial-5.5.2/contrib/fuzz/FuzzedDataProvider.h
Examining data/mercurial-5.5.2/contrib/fuzz/fm1readmarkers.cc
Examining data/mercurial-5.5.2/contrib/fuzz/fuzzutil.h
Examining data/mercurial-5.5.2/contrib/fuzz/mpatch.cc
Examining data/mercurial-5.5.2/contrib/chg/hgclient.h
Examining data/mercurial-5.5.2/contrib/chg/hgclient.c
Examining data/mercurial-5.5.2/contrib/chg/chg.c
Examining data/mercurial-5.5.2/contrib/chg/procutil.h
Examining data/mercurial-5.5.2/contrib/chg/util.h
Examining data/mercurial-5.5.2/contrib/chg/procutil.c
Examining data/mercurial-5.5.2/contrib/chg/util.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressionchunker.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressobj.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressoriterator.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressobj.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/bufferutil.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/frameparams.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressionreader.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressionwriter.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressionwriter.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/constants.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressionparams.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressiondict.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressor.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressor.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressionreader.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressoriterator.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/c-ext/python-zstandard.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstdmt_compress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_sequences.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_fast.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_sequences.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_double_fast.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_lazy.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_opt.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_lazy.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/fse_compress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/huf_compress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/hist.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_ldm.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_double_fast.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_internal.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstdmt_compress.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_opt.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_ldm.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/hist.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_cwksp.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_fast.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/zstd.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/divsufsort.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/fastcover.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/divsufsort.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_internal.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_ddict.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_ddict.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/deprecated/zbuff_decompress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/deprecated/zbuff_common.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/deprecated/zbuff_compress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/deprecated/zbuff.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/cpu.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/compiler.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/debug.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/threading.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/bitstream.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/pool.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/zstd_common.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/pool.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/huf.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/error_private.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/error_private.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/threading.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/zstd_internal.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/mem.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/zstd_errors.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/fse_decompress.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/fse.h
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/entropy_common.c
Examining data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/debug.h
Examining data/mercurial-5.5.2/rust/chg/src/sendfds.c
Examining data/mercurial-5.5.2/rust/chg/src/sighandlers.c
Examining data/mercurial-5.5.2/mercurial/bdiff.h
Examining data/mercurial-5.5.2/mercurial/bdiff.c
Examining data/mercurial-5.5.2/mercurial/mpatch.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/zope/interface/_zope_interface_coptimizations.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/ubc_check.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/ubc_check.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/cext.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xinclude.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xdiffi.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.c
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xdiffi.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xtypes.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xutils.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xdiff.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xmacros.h
Examining data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xutils.c
Examining data/mercurial-5.5.2/mercurial/cext/revlog.c
Examining data/mercurial-5.5.2/mercurial/cext/base85.c
Examining data/mercurial-5.5.2/mercurial/cext/bdiff.c
Examining data/mercurial-5.5.2/mercurial/cext/charencode.h
Examining data/mercurial-5.5.2/mercurial/cext/manifest.c
Examining data/mercurial-5.5.2/mercurial/cext/osutil.c
Examining data/mercurial-5.5.2/mercurial/cext/charencode.c
Examining data/mercurial-5.5.2/mercurial/cext/parsers.c
Examining data/mercurial-5.5.2/mercurial/cext/pathencode.c
Examining data/mercurial-5.5.2/mercurial/cext/util.h
Examining data/mercurial-5.5.2/mercurial/cext/mpatch.c
Examining data/mercurial-5.5.2/mercurial/cext/dirs.c
Examining data/mercurial-5.5.2/mercurial/cext/revlog.h
Examining data/mercurial-5.5.2/mercurial/mpatch.c
Examining data/mercurial-5.5.2/mercurial/bitmanipulation.h
Examining data/mercurial-5.5.2/mercurial/compat.h
Examining data/mercurial-5.5.2/mercurial/exewrapper.c

FINAL RESULTS:

data/mercurial-5.5.2/contrib/chg/chg.c:178:6:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	r = snprintf(opts->sockname, sizeof(opts->sockname), sockfmt, basename);
data/mercurial-5.5.2/contrib/chg/chg.c:241:6:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if (execvp(hgcmd, (char **)argv) < 0)
data/mercurial-5.5.2/contrib/chg/chg.c:407:6:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if (execvp(gethgcmd(), (char **)argv) < 0)
data/mercurial-5.5.2/contrib/chg/procutil.c:245:7:  [4] (shell) execle:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
		    execle("/bin/sh", "/bin/sh", "-c", pagercmd, NULL, envp);
data/mercurial-5.5.2/contrib/chg/util.c:38:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr, fmt, args);
data/mercurial-5.5.2/contrib/chg/util.c:95:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr, fmt, args);
data/mercurial-5.5.2/contrib/chg/util.c:190:4:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
			execv("/bin/sh", (char **)argv);
data/mercurial-5.5.2/contrib/chg/util.h:14:46:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define PRINTF_FORMAT_ __attribute__((format(printf, 1, 2)))
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:199:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ssh, nargv);
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:242:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(hg_shell, nargv);
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:394:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(HG, nargv);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/debug.h:117:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, __VA_ARGS__);               \
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/debug.h:121:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, __FILE__ ": " __VA_ARGS__); \
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:51:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, __VA_ARGS__);                                              \
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/fastcover.c:37:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, __VA_ARGS__);                                              \
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.c:71:32:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DISPLAY(...)         { fprintf(stderr, __VA_ARGS__); fflush( stderr ); }
data/mercurial-5.5.2/mercurial/cext/osutil.c:1285:28:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	handle = CreateFile(name, access,
data/mercurial-5.5.2/contrib/chg/chg.c:152:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	const char *runtimedir = getenv("XDG_RUNTIME_DIR");
data/mercurial-5.5.2/contrib/chg/chg.c:157:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		const char *tmpdir = getenv("TMPDIR");
data/mercurial-5.5.2/contrib/chg/chg.c:170:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	const char *envsockname = getenv("CHGSOCKNAME");
data/mercurial-5.5.2/contrib/chg/chg.c:191:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		hgcmd = getenv("CHGHG");
data/mercurial-5.5.2/contrib/chg/chg.c:193:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
			hgcmd = getenv("HG");
data/mercurial-5.5.2/contrib/chg/chg.c:229:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	const char *lc_ctype_env = getenv("LC_CTYPE");
data/mercurial-5.5.2/contrib/chg/chg.c:255:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	const char *timeoutenv = getenv("CHGTIMEOUT");
data/mercurial-5.5.2/contrib/chg/chg.c:332:23:  [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some
  implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
  destination buffer is at least of size MAXPATHLEN, andto protect against
  implementation problems, the input argument should also be checked to
  ensure it is no larger than MAXPATHLEN.
	char *resolvedpath = realpath(opts->sockname, NULL);
data/mercurial-5.5.2/contrib/chg/chg.c:413:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("CHGDEBUG"))
data/mercurial-5.5.2/contrib/chg/chg.c:416:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (!getenv("HGPLAIN") && isatty(fileno(stderr)))
data/mercurial-5.5.2/contrib/chg/chg.c:419:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("CHGINTERNALMARK"))
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:418:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("SSH_CLIENT")) {
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/threading.h:50:52:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use
  InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_init(a, b)  ((void)(b), InitializeCriticalSection((a)), 0)
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/threading.h:52:40:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory
  situations. Use InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_lock(a)     EnterCriticalSection((a))
data/mercurial-5.5.2/mercurial/exewrapper.c:96:11:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
		pydll = LoadLibrary(pydllfile);
data/mercurial-5.5.2/mercurial/exewrapper.c:112:11:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
		pydll = LoadLibrary(_T(HGPYTHONLIB) _T(".dll"));
data/mercurial-5.5.2/contrib/chg/chg.c:34:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char sockname[PATH_MAX];
data/mercurial-5.5.2/contrib/chg/chg.c:35:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char initsockname[PATH_MAX];
data/mercurial-5.5.2/contrib/chg/chg.c:36:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char redirectsockname[PATH_MAX];
data/mercurial-5.5.2/contrib/chg/chg.c:105:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(opts->args + opts->argsize, argv + i,
data/mercurial-5.5.2/contrib/chg/chg.c:169:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char sockdir[PATH_MAX];
data/mercurial-5.5.2/contrib/chg/chg.c:222:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(argv, baseargv, sizeof(baseargv));
data/mercurial-5.5.2/contrib/chg/chg.c:225:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(argv + baseargvsize, opts->args, size);
data/mercurial-5.5.2/contrib/chg/hgclient.c:172:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[strlen(chcmd) + 1];
data/mercurial-5.5.2/contrib/chg/hgclient.c:190:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ctx->data + ctx->datasize, *it, n);
data/mercurial-5.5.2/contrib/chg/hgclient.c:259:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ctx->data, &r_n, sizeof(r_n));
data/mercurial-5.5.2/contrib/chg/hgclient.c:408:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fdbuf[CMSG_SPACE(sizeof(fds))];
data/mercurial-5.5.2/contrib/chg/hgclient.c:415:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(CMSG_DATA(cmsg), fds, sizeof(fds));
data/mercurial-5.5.2/contrib/chg/hgclient.c:450:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(hgc->ctx.data, &data, sizeof(data));
data/mercurial-5.5.2/contrib/chg/hgclient.c:484:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char sockdir[len + 1];
data/mercurial-5.5.2/contrib/chg/hgclient.c:485:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(sockdir, sockname, len);
data/mercurial-5.5.2/contrib/chg/hgclient.c:488:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			bakfd = open(".", O_DIRECTORY);
data/mercurial-5.5.2/contrib/fuzz/FuzzedDataProvider.h:329:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		std::memcpy(result.data(), data_ptr_, num_bytes_to_consume);
data/mercurial-5.5.2/contrib/fuzz/mpatch.cc:86:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(bin.data.get(), start, nthsize);
data/mercurial-5.5.2/contrib/fuzz/pyutil.cc:16:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char cpypath[8192] = "\0";
data/mercurial-5.5.2/contrib/fuzz/pyutil.cc:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char wd[8192];
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:287:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *nargv[6];
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:406:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[1024];
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/bufferutil.c:113:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(self->segments, segments.buf, segments.len);
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressiondict.c:96:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(sampleOffset, PyBytes_AS_STRING(sampleItem), sampleSize);
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressiondict.c:225:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(self->dictData, source.buf, source.len);
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressobj.c:83:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(PyBytes_AS_STRING(result) + resultSize,
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/compressobj.c:176:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(PyBytes_AS_STRING(result) + resultSize,
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressobj.c:99:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(PyBytes_AS_STRING(result) + resultSize,
data/mercurial-5.5.2/contrib/python-zstandard/c-ext/decompressoriterator.c:169:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((void*)self->input.src, readBuffer, readSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd.c:337:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(PyBytes_AS_STRING(tmp), PyBytes_AS_STRING(*obj),
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/entropy_common.c:77:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[4];
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/entropy_common.c:79:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer, headerBuffer, hbSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/fse_decompress.c:123:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dt, &DTableH, sizeof(DTableH));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/mem.h:259:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(memPtr, &value, sizeof(value));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/mem.h:264:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(memPtr, &value, sizeof(value));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/mem.h:269:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(memPtr, &value, sizeof(value));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/pool.c:209:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(threadPool, ctx->threads, ctx->threadCapacity * sizeof(*threadPool));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:107:76:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
static void* XXH_memcpy(void* dest, const void* src, size_t size) { return memcpy(dest,src,size); }
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:330:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dstState, srcState, sizeof(*dstState));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:335:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dstState, srcState, sizeof(*dstState));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:582:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(statePtr, &state, sizeof(state));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:595:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(statePtr, &state, sizeof(state));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:864:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, &hash, sizeof(*dst));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.c:871:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, &hash, sizeof(*dst));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.h:246:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef struct { unsigned char digest[4]; } XXH32_canonical_t;
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/xxhash.h:247:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef struct { unsigned char digest[8]; } XXH64_canonical_t;
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/zstd_internal.h:194:54:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }
data/mercurial-5.5.2/contrib/python-zstandard/zstd/common/zstd_internal.h:197:55:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
static void ZSTD_copy16(void* dst, const void* src) { memcpy(dst, src, 16); }
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/huf_compress.c:719:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(oldHufTable, table->CTable, sizeof(table->CTable));  /* Save new table */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:893:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dictBuffer, dict, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1637:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->blockState.prevCBlock, &cdict->cBlockState, sizeof(cdict->cBlockState));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1670:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cctx->blockState.matchState.hashTable,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1673:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cctx->blockState.matchState.chainTable,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1698:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->blockState.prevCBlock, &cdict->cBlockState, sizeof(cdict->cBlockState));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1741:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&dstCCtx->customMem, &srcCCtx->customMem, sizeof(ZSTD_customMem));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1763:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dstCCtx->blockState.matchState.hashTable,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1766:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dstCCtx->blockState.matchState.chainTable,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1769:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dstCCtx->blockState.matchState.hashTable3,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1787:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dstCCtx->blockState.prevCBlock, srcCCtx->blockState.prevCBlock, sizeof(*srcCCtx->blockState.prevCBlock));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:1898:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((BYTE*)dst + ZSTD_blockHeaderSize, src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:2004:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&nextEntropy->fse, &prevEntropy->fse, sizeof(prevEntropy->fse));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:2207:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(seqStorePtr->lit, anchor, lastLLSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:3208:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(internalBuffer, dictBuffer, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress.c:3644:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (length) memcpy(dst, src, length);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ostart + flSize, src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.c:87:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.c:118:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_literals.c:122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_compress_sequences.c:238:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(nextCTable, prevCTable, prevCTableSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_opt.c:937:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(opt[pos].rep, &repHistory, sizeof(repHistory));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstd_opt.c:1033:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(opt[pos].rep, &repHistory, sizeof(repHistory));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstdmt_compress.c:238:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(newBuffer.start, buffer.start, buffer.capacity);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstdmt_compress.c:1717:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy((char*)output->dst + output->pos,
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/zstdmt_compress.c:2048:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy((char*)mtctx->inBuff.buffer.start + mtctx->inBuff.filled, (const char*)input->src + input->pos, syncPoint.toLoad);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:171:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(DTable, &dtd, sizeof(dtd));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:658:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(DTable, &dtd, sizeof(dtd));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:674:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(op, dt+val, 2);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:683:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(op, dt+val, 1);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:1051:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; }   /* not compressed */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:1074:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; }   /* not compressed */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/huf_decompress.c:1134:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; }   /* not compressed */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_ddict.c:130:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(internalBuffer, dict, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_ddict.c:197:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ddict+1, dict, dictSize);  /* local copy */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:177:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dstDCtx, srcDCtx, toCopy);  /* no need to copy workspace */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:593:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:887:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(dctx->headerBuffer, src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:894:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dctx->headerBuffer, src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:901:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dctx->headerBuffer + (dctx->headerSize - srcSize), src, srcSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:996:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dctx->headerBuffer + (ZSTD_SKIPPABLEHEADERSIZE - srcSize), src, srcSize);   /* complete skippable header */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:1142:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dctx->entropy.rep, repStartValue, sizeof(repStartValue));  /* initial repcodes */
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:1482:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, src, length);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:1561:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(zds->headerBuffer + zds->lhSize, ip, remainingInput);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress.c:1568:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(zds->headerBuffer + zds->lhSize, ip, toLoad); zds->lhSize = hSize; ip += toLoad;
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c:47:54:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c:194:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(dctx->litBuffer, istart+lhSize, litSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c:399:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dt, &DTableH, sizeof(DTableH));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c:951:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(op, litPtr, lastLLSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/decompress/zstd_decompress_block.c:1122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(op, litPtr, lastLLSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:709:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dict + tail, ctx->samples + segment.begin, segmentSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:923:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(best->dict, dict, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:968:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(largestDictbuffer, customDictContent, dictContentSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:1002:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(candidateDictBuffer, largestDictbuffer, largestDict);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:1077:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(freqs, ctx->freqs, ctx->suffixSize * sizeof(U32));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/cover.c:1231:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dictBuffer, best.dict, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/fastcover.c:429:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dict + tail, ctx->samples + segment.begin, segmentSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/fastcover.c:473:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(freqs, ctx->freqs, ((U64)1 << ctx->f) * sizeof(U32));
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/fastcover.c:741:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dictBuffer, best.dict, dictSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.c:907:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dictBuffer, header, hSize);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.c:1045:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ptr, (const char*)samplesBuffer+dictList[u].pos, l);
data/mercurial-5.5.2/contrib/python-zstandard/zstd/dictBuilder/zdict.c:1074:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(newBuff, samplesBuffer, sBuffSize);
data/mercurial-5.5.2/hgext/fsmonitor/pywatchman/bser.c:304:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bser->buf + bser->wpos, data, len);
data/mercurial-5.5.2/hgext/fsmonitor/pywatchman/bser.c:571:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bser.buf + 3, &len, sizeof(len));
data/mercurial-5.5.2/hgext/fsmonitor/pywatchman/bser.c:575:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bser.buf + 2, &bser_capabilities, sizeof(bser_capabilities));
data/mercurial-5.5.2/hgext/fsmonitor/pywatchman/bser.c:576:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bser.buf + 7, &len, sizeof(len));
data/mercurial-5.5.2/mercurial/bitmanipulation.h:47:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&ret, &t, sizeof(t));
data/mercurial-5.5.2/mercurial/cext/base85.c:20:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char b85dec[256];
data/mercurial-5.5.2/mercurial/cext/bdiff.c:155:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(rb + 12, bl[lb].l, len);
data/mercurial-5.5.2/mercurial/cext/charencode.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char lowertable[128] = {
data/mercurial-5.5.2/mercurial/cext/charencode.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char uppertable[128] = {
data/mercurial-5.5.2/mercurial/cext/charencode.c:100:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char hexchartable[16] = {
data/mercurial-5.5.2/mercurial/cext/charencode.c:160:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
_asciitransform(PyObject *str_obj, const char table[128], PyObject *fallback_fn)
data/mercurial-5.5.2/mercurial/cext/charencode.c:374:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(escbuf + j, "\\u00", 4);
data/mercurial-5.5.2/mercurial/cext/manifest.c:92:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char newhash[33];
data/mercurial-5.5.2/mercurial/cext/manifest.c:93:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(newhash, PyBytes_AsString(hash), hlen_raw);
data/mercurial-5.5.2/mercurial/cext/manifest.c:609:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dest, path, plen + 1);
data/mercurial-5.5.2/mercurial/cext/manifest.c:614:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(dest + plen + 1 + (i * 2), "%02x", (unsigned char)hash[i]);
data/mercurial-5.5.2/mercurial/cext/manifest.c:616:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dest + plen + 2 * hlen + 1, flags, flen);
data/mercurial-5.5.2/mercurial/cext/manifest.c:705:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(data, src->start, src->len);
data/mercurial-5.5.2/mercurial/cext/manifest.c:749:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(copy->lines, self->lines, self->numlines * sizeof(line));
data/mercurial-5.5.2/mercurial/cext/osutil.c:245:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(pattern, path, plen);
data/mercurial-5.5.2/mercurial/cext/osutil.c:332:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&((struct listdir_stat *)stat)->st, st, sizeof(*st));
data/mercurial-5.5.2/mercurial/cext/osutil.c:340:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fullpath[PATH_MAX + 10];
data/mercurial-5.5.2/mercurial/cext/osutil.c:358:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dfd = open(path, O_RDONLY);
data/mercurial-5.5.2/mercurial/cext/osutil.c:491:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char attrbuf[LISTDIR_BATCH_SIZE * (sizeof(attrbuf_entry) + NAME_MAX * 3 + 1)];
data/mercurial-5.5.2/mercurial/cext/osutil.c:513:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dfd = open(path, O_RDONLY);
data/mercurial-5.5.2/mercurial/cext/osutil.c:707:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dummy[1];
data/mercurial-5.5.2/mercurial/cext/osutil.c:737:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cbuf[256];
data/mercurial-5.5.2/mercurial/cext/osutil.c:1227:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fpmode[4];
data/mercurial-5.5.2/mercurial/cext/parsers.c:367:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(p, s, l);
data/mercurial-5.5.2/mercurial/cext/parsers.c:374:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(p, s, l);
data/mercurial-5.5.2/mercurial/cext/parsers.c:418:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(p, PyBytes_AS_STRING(k), len);
data/mercurial-5.5.2/mercurial/cext/parsers.c:424:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(p, PyBytes_AS_STRING(o), l);
data/mercurial-5.5.2/mercurial/cext/pathencode.c:79:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void *)&dest[*destlen], src, len);
data/mercurial-5.5.2/mercurial/cext/pathencode.c:564:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static PyObject *hashmangle(const char *src, Py_ssize_t len, const char sha[20])
data/mercurial-5.5.2/mercurial/cext/pathencode.c:564:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static PyObject *hashmangle(const char *src, Py_ssize_t len, const char sha[20])
data/mercurial-5.5.2/mercurial/cext/pathencode.c:690:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static int sha1hash(char hash[20], const char *str, Py_ssize_t len)
data/mercurial-5.5.2/mercurial/cext/pathencode.c:732:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(hash, PyBytes_AS_STRING(hashobj), 20);
data/mercurial-5.5.2/mercurial/cext/pathencode.c:741:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dired[MAXENCODE];
data/mercurial-5.5.2/mercurial/cext/pathencode.c:742:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char lowered[MAXENCODE];
data/mercurial-5.5.2/mercurial/cext/pathencode.c:743:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char auxed[MAXENCODE];
data/mercurial-5.5.2/mercurial/cext/pathencode.c:745:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char sha[20];
data/mercurial-5.5.2/mercurial/cext/revlog.c:107:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char nullid[20] = {0};
data/mercurial-5.5.2/mercurial/exewrapper.c:32:8:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static TCHAR pyscript[MAX_PATH + 10];
data/mercurial-5.5.2/mercurial/exewrapper.c:33:8:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static TCHAR pyhome[MAX_PATH + 10];
data/mercurial-5.5.2/mercurial/exewrapper.c:34:8:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static TCHAR pydllfile[MAX_PATH + 10];
data/mercurial-5.5.2/mercurial/mpatch.c:278:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(c->tail, a->head, sizeof(struct mpatch_frag) * lsize(a));
data/mercurial-5.5.2/mercurial/mpatch.c:363:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(p, orig + last, f->start - last);
data/mercurial-5.5.2/mercurial/mpatch.c:365:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(p, f->data, f->len);
data/mercurial-5.5.2/mercurial/mpatch.c:373:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(p, orig + last, len - last);
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/cext.c:92:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char hash[20];
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/cext.c:102:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char hash[20];
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/cext.c:103:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char hexhash[40];
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:197:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(W, m, 16 * 4);
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:1834:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ctx->buffer + left, buf, fill);
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:1847:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ctx->buffer, buf, 64);
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:1856:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ctx->buffer + left, buf, len);
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:1860:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sha1_padding[64] =
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.c:1868:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int SHA1DCFinal(unsigned char output[20], SHA1_CTX *ctx)
data/mercurial-5.5.2/mercurial/thirdparty/sha1dc/lib/sha1.h:49:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char buffer[64];
data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.c:181:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&msmall, mf1, sizeof(mmfile_t));
data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.c:182:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&mlarge, mf2, sizeof(mmfile_t));
data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.c:184:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&msmall, mf2, sizeof(mmfile_t));
data/mercurial-5.5.2/mercurial/thirdparty/xdiff/xprepare.c:185:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&mlarge, mf1, sizeof(mmfile_t));
data/mercurial-5.5.2/rust/chg/src/sendfds.c:26:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dummy[1] = {0};
data/mercurial-5.5.2/rust/chg/src/sendfds.c:28:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fdbuf[CMSG_SPACE(sizeof(fds[0]) * MAX_FD_LEN)];
data/mercurial-5.5.2/rust/chg/src/sendfds.c:48:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(CMSG_DATA(cmsg), fds, sizeof(fds[0]) * fdlen);
data/mercurial-5.5.2/contrib/chg/chg.c:69:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		size_t len = strlen(flags[i].name);
data/mercurial-5.5.2/contrib/chg/hgclient.c:172:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char buf[strlen(chcmd) + 1];
data/mercurial-5.5.2/contrib/chg/hgclient.c:188:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		const size_t n = strlen(*it) + 1; /* include '\0' */
data/mercurial-5.5.2/contrib/chg/hgclient.c:238:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ctx->datasize = strlen(ctx->data);
data/mercurial-5.5.2/contrib/chg/hgclient.c:329:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			    strlen(cap->name) == n) {
data/mercurial-5.5.2/contrib/chg/hgclient.c:439:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	hgc->ctx.datasize = strlen(hgc->ctx.data);
data/mercurial-5.5.2/contrib/chg/hgclient.c:445:16:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	mode_t mask = umask(0);
data/mercurial-5.5.2/contrib/chg/hgclient.c:446:2:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	umask(mask);
data/mercurial-5.5.2/contrib/chg/hgclient.c:501:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(basename) >= sizeof(addr.sun_path)) {
data/mercurial-5.5.2/contrib/chg/hgclient.c:504:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(addr.sun_path, basename, sizeof(addr.sun_path));
data/mercurial-5.5.2/contrib/fuzz/manifest.cc:32:54:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  assert cloned.text() == mdata, 'cloned text should equal mdata'
data/mercurial-5.5.2/contrib/fuzz/pyutil.cc:46:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(cpypath, pypath.c_str(), pypath.size());
data/mercurial-5.5.2/contrib/fuzz/standalone_fuzz_target_runner.cc:36:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		in.read(bytes.data(), bytes.size());
data/mercurial-5.5.2/contrib/hgsh/hgsh.c:318:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	repolen = repo ? strlen(repo) : 0;
data/mercurial-5.5.2/contrib/python-zstandard/zstd/compress/fse_compress.c:509:9:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        getchar();
data/mercurial-5.5.2/mercurial/cext/osutil.c:354:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(fullpath, path, PATH_MAX);
data/mercurial-5.5.2/mercurial/cext/osutil.c:386:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(fullpath + pathlen + 1, ent->d_name,
data/mercurial-5.5.2/mercurial/cext/osutil.c:395:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(fullpath + pathlen + 1, ent->d_name,
data/mercurial-5.5.2/mercurial/cext/osutil.c:813:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				len = strlen(argv[i]);
data/mercurial-5.5.2/mercurial/exewrapper.c:20:10:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
	return !strncat(d, s, n);
data/mercurial-5.5.2/mercurial/exewrapper.c:24:10:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	return !strncpy(d, s, n);

ANALYSIS SUMMARY:

Hits = 230
Lines analyzed = 64082 in approximately 1.75 seconds (36574 lines/second)
Physical Source Lines of Code (SLOC) = 46231
Hits@level = [0]  24 [1]  21 [2] 176 [3]  16 [4]  17 [5]   0
Hits@level+ = [0+] 254 [1+] 230 [2+] 209 [3+]  33 [4+]  17 [5+]   0
Hits/KSLOC@level+ = [0+] 5.49415 [1+] 4.97502 [2+] 4.52078 [3+] 0.713807 [4+] 0.367719 [5+]   0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.