Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/moria-5.7.13/src/wizard.cpp
Examining data/moria-5.7.13/src/staves.cpp
Examining data/moria-5.7.13/src/data_player.cpp
Examining data/moria-5.7.13/src/dungeon_los.cpp
Examining data/moria-5.7.13/src/rng.cpp
Examining data/moria-5.7.13/src/inventory.h
Examining data/moria-5.7.13/src/dice.h
Examining data/moria-5.7.13/src/scrolls.cpp
Examining data/moria-5.7.13/src/ui.cpp
Examining data/moria-5.7.13/src/monster.cpp
Examining data/moria-5.7.13/src/curses.h
Examining data/moria-5.7.13/src/player.h
Examining data/moria-5.7.13/src/game.h
Examining data/moria-5.7.13/src/rng.h
Examining data/moria-5.7.13/src/dungeon_tile.h
Examining data/moria-5.7.13/src/version.h
Examining data/moria-5.7.13/src/scrolls.h
Examining data/moria-5.7.13/src/scores.h
Examining data/moria-5.7.13/src/store.cpp
Examining data/moria-5.7.13/src/recall.h
Examining data/moria-5.7.13/src/monster.h
Examining data/moria-5.7.13/src/inventory.cpp
Examining data/moria-5.7.13/src/data_treasure.cpp
Examining data/moria-5.7.13/src/player_run.cpp
Examining data/moria-5.7.13/src/helpers.cpp
Examining data/moria-5.7.13/src/data_recall.cpp
Examining data/moria-5.7.13/src/mage_spells.cpp
Examining data/moria-5.7.13/src/store_inventory.cpp
Examining data/moria-5.7.13/src/game_objects.cpp
Examining data/moria-5.7.13/src/store.h
Examining data/moria-5.7.13/src/data_store_owners.cpp
Examining data/moria-5.7.13/src/ui.h
Examining data/moria-5.7.13/src/data_tables.cpp
Examining data/moria-5.7.13/src/player_magic.cpp
Examining data/moria-5.7.13/src/identification.cpp
Examining data/moria-5.7.13/src/recall.cpp
Examining data/moria-5.7.13/src/game_save.cpp
Examining data/moria-5.7.13/src/spells.h
Examining data/moria-5.7.13/src/player_move.cpp
Examining data/moria-5.7.13/src/treasure.h
Examining data/moria-5.7.13/src/player_tunnel.cpp
Examining data/moria-5.7.13/src/game.cpp
Examining data/moria-5.7.13/src/player_stats.cpp
Examining data/moria-5.7.13/src/helpers.h
Examining data/moria-5.7.13/src/data_stores.cpp
Examining data/moria-5.7.13/src/types.h
Examining data/moria-5.7.13/src/player_pray.cpp
Examining data/moria-5.7.13/src/headers.h
Examining data/moria-5.7.13/src/staves.h
Examining data/moria-5.7.13/src/config.h
Examining data/moria-5.7.13/src/treasure.cpp
Examining data/moria-5.7.13/src/wizard.h
Examining data/moria-5.7.13/src/player_bash.cpp
Examining data/moria-5.7.13/src/dungeon.h
Examining data/moria-5.7.13/src/monster_manager.cpp
Examining data/moria-5.7.13/src/spells.cpp
Examining data/moria-5.7.13/src/game_run.cpp
Examining data/moria-5.7.13/src/identification.h
Examining data/moria-5.7.13/src/player.cpp
Examining data/moria-5.7.13/src/ui_io.cpp
Examining data/moria-5.7.13/src/dungeon_generate.cpp
Examining data/moria-5.7.13/src/game_death.cpp
Examining data/moria-5.7.13/src/player_traps.cpp
Examining data/moria-5.7.13/src/mage_spells.h
Examining data/moria-5.7.13/src/character.h
Examining data/moria-5.7.13/src/player_eat.cpp
Examining data/moria-5.7.13/src/data_creatures.cpp
Examining data/moria-5.7.13/src/ui_inventory.cpp
Examining data/moria-5.7.13/src/dungeon.cpp
Examining data/moria-5.7.13/src/main.cpp
Examining data/moria-5.7.13/src/player_throw.cpp
Examining data/moria-5.7.13/src/player_quaff.cpp
Examining data/moria-5.7.13/src/character.cpp
Examining data/moria-5.7.13/src/dice.cpp
Examining data/moria-5.7.13/src/game_files.cpp
Examining data/moria-5.7.13/src/config.cpp
Examining data/moria-5.7.13/src/scores.cpp

FINAL RESULTS:

data/moria-5.7.13/src/game_save.cpp:406:16:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    (void) chmod(filename.c_str(), 0600);
data/moria-5.7.13/src/game_save.cpp:491:17:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    (chmod(config::files::save_game.c_str(), 0400) < 0 || (fd = open(config::files::save_game.c_str(), O_RDONLY, 0)) < 0)) {
data/moria-5.7.13/src/character.cpp:123:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "%c) %s", i + 'a', character_races[i].name);
data/moria-5.7.13/src/character.cpp:205:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(history_block, background.info);
data/moria-5.7.13/src/character.cpp:342:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "%c) %s", class_id + 'a', classes[i].title);
data/moria-5.7.13/src/dungeon.cpp:63:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(line_buffer, "|%s|", map);
data/moria-5.7.13/src/dungeon.cpp:87:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(line_buffer, "|%s|", map);
data/moria-5.7.13/src/dungeon_los.cpp:506:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s %s %s. [(r)ecall]", description, isVowel(creatures_list[j].name[0]) ? "an" : "a", creatures_list[j].name);
data/moria-5.7.13/src/dungeon_los.cpp:532:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s %s ---pause---", description, obj_string);
data/moria-5.7.13/src/dungeon_los.cpp:565:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s %s ---pause---", description, wall_description);
data/moria-5.7.13/src/game.cpp:146:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(str, "%-38s: %s", game_options[max].o_prompt, (*game_options[max].o_var ? "yes" : "no "));
data/moria-5.7.13/src/game_files.cpp:388:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Can't open file %s:", filename);
data/moria-5.7.13/src/game_run.cpp:70:29:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
    if (!start_new_game && (access(config::files::save_game.c_str(), 0) == 0) && loadGame(generate)) {
data/moria-5.7.13/src/game_run.cpp:946:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_str, "There's something about what you are %s...", playerItemWearingDescription(i));
data/moria-5.7.13/src/game_run.cpp:1505:20:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void) sprintf(tmp_str, //
data/moria-5.7.13/src/game_run.cpp:1512:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(out_val, "Map sector [%d,%d], which is%s your sector. Look which direction?", panel.y, panel.x, tmp_str);
data/moria-5.7.13/src/game_run.cpp:2243:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "The %s is in your way!", creatures_list[monsters[tile.creature_id].creature_id].name);
data/moria-5.7.13/src/game_save.cpp:70:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
    if (access(config::files::save_game.c_str(), 0) < 0 || !getInputConfirmation("File exists. Delete old save file?") || (i = unlink(config::files::save_game.c_str())) < 0) {
data/moria-5.7.13/src/game_save.cpp:405:19:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
    if (fd < 0 && access(filename.c_str(), 0) >= 0 && ((from_save_file != 0) || (game.wizard_mode && getInputConfirmation("Can't make new save file. Overwrite old?")))) {
data/moria-5.7.13/src/game_save.cpp:477:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
    if (access(config::files::save_game.c_str(), 0) != 0) {
data/moria-5.7.13/src/helpers.cpp:55:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(str2, str + from_len);
data/moria-5.7.13/src/helpers.cpp:58:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(to_string, "%s+%d%s", str1, number, str2);
data/moria-5.7.13/src/helpers.cpp:60:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(to_string, "%s%d%s", str1, number, str2);
data/moria-5.7.13/src/helpers.cpp:96:20:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(new_string, str_to_insert);
data/moria-5.7.13/src/helpers.cpp:99:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(new_string, (pc + from_len));
data/moria-5.7.13/src/helpers.cpp:100:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(to_string, new_string);
data/moria-5.7.13/src/identification.cpp:290:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(title, syllables[randomNumber(MAX_SYLLABLES) - 1]);
data/moria-5.7.13/src/identification.cpp:303:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(item_title, title);
data/moria-5.7.13/src/identification.cpp:673:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, game_objects[item.id].name);
data/moria-5.7.13/src/identification.cpp:677:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "the entrance to the %s.", game_objects[item.id].name);
data/moria-5.7.13/src/identification.cpp:687:16:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void) sprintf(tmp_val, basenm, modstr);
data/moria-5.7.13/src/identification.cpp:689:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(tmp_val, basenm);
data/moria-5.7.13/src/identification.cpp:694:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, game_objects[item.id].name);
data/moria-5.7.13/src/identification.cpp:706:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, &tmp_val[5]);
data/moria-5.7.13/src/identification.cpp:709:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, &tmp_val[2]);
data/moria-5.7.13/src/identification.cpp:711:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, tmp_val);
data/moria-5.7.13/src/identification.cpp:723:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, special_item_names[item.special_name_id]);
data/moria-5.7.13/src/identification.cpp:727:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, damstr);
data/moria-5.7.13/src/identification.cpp:743:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, tmp_str);
data/moria-5.7.13/src/identification.cpp:750:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, tmp_str);
data/moria-5.7.13/src/identification.cpp:754:20:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, tmp_str);
data/moria-5.7.13/src/identification.cpp:760:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, tmp_str);
data/moria-5.7.13/src/identification.cpp:796:12:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_val, tmp_str);
data/moria-5.7.13/src/identification.cpp:802:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "%d%s", (int) item.items_count, &tmp_val[1]);
data/moria-5.7.13/src/identification.cpp:804:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "%s%s", "no more", &tmp_val[1]);
data/moria-5.7.13/src/identification.cpp:806:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "an%s", &tmp_val[1]);
data/moria-5.7.13/src/identification.cpp:808:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "a%s", &tmp_val[1]);
data/moria-5.7.13/src/identification.cpp:815:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "no more %s", &tmp_val[5]);
data/moria-5.7.13/src/identification.cpp:818:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "no more %s", tmp_val);
data/moria-5.7.13/src/identification.cpp:821:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, tmp_val);
data/moria-5.7.13/src/identification.cpp:849:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(tmp_str, item.inscription);
data/moria-5.7.13/src/identification.cpp:856:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_val, " {%s}", tmp_str);
data/moria-5.7.13/src/identification.cpp:857:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    (void) strcat(description, tmp_val);
data/moria-5.7.13/src/identification.cpp:889:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(out_val, "You have %s", tmp_str);
data/moria-5.7.13/src/identification.cpp:909:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(inscription, "Inscribing %s", msg);
data/moria-5.7.13/src/identification.cpp:914:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(inscription, "Replace %s New inscription:", py.inventory[item_id].inscription);
data/moria-5.7.13/src/identification.cpp:938:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(item.inscription, inscription);
data/moria-5.7.13/src/identification.cpp:949:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(description, "The %s", name);
data/moria-5.7.13/src/identification.cpp:954:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s is in your way!", description);
data/moria-5.7.13/src/inventory.cpp:89:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(prt2, "Dropped %s", prt1);
data/moria-5.7.13/src/inventory.cpp:413:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s resists damage!", description);
data/moria-5.7.13/src/inventory.cpp:419:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s is damaged!", description);
data/moria-5.7.13/src/monster.cpp:368:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%sis unaffected.", monster_name);
data/moria-5.7.13/src/monster.cpp:370:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%sappears confused.", monster_name);
data/moria-5.7.13/src/monster.cpp:400:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(name, "The %s ", creature.name);
data/moria-5.7.13/src/monster.cpp:429:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, name);
data/moria-5.7.13/src/monster.cpp:467:24:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(description, name);
data/moria-5.7.13/src/monster.cpp:798:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%sdraws psychic energy from you!", monster_name);
data/moria-5.7.13/src/monster.cpp:802:28:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%sappears healthier.", monster_name);
data/moria-5.7.13/src/monster.cpp:872:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(name, "The %s ", creature.name);
data/moria-5.7.13/src/monster.cpp:1300:32:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "The %s ", creatures_list[monster.creature_id].name);
data/moria-5.7.13/src/player.cpp:257:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(*description, "The %s", monster_name);
data/moria-5.7.13/src/player.cpp:259:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(*description, "an %s", monster_name);
data/moria-5.7.13/src/player.cpp:261:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(*description, "a %s", monster_name);
data/moria-5.7.13/src/player.cpp:616:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s%s (%c)", p, description, 'a' + pack_position_id);
data/moria-5.7.13/src/player.cpp:618:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s%s", p, description);
data/moria-5.7.13/src/player.cpp:659:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(game.character_died_from, creature_name_label);
data/moria-5.7.13/src/player.cpp:704:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have found %s", description);
data/moria-5.7.13/src/player.cpp:853:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_str, "You can't learn any new %ss!", (stat == PlayerAttr::A_INT ? "spell" : "prayer"));
data/moria-5.7.13/src/player.cpp:937:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_str, "You have learned the prayer of %s.", spell_names[spell_bank[id] + offset]);
data/moria-5.7.13/src/player.cpp:1124:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(name, "the %s", creature.name);
data/moria-5.7.13/src/player.cpp:1139:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You miss %s.", name);
data/moria-5.7.13/src/player.cpp:1144:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You hit %s.", name);
data/moria-5.7.13/src/player.cpp:1168:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s is unaffected.", name);
data/moria-5.7.13/src/player.cpp:1170:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s appears confused.", name);
data/moria-5.7.13/src/player.cpp:1186:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have slain %s.", name);
data/moria-5.7.13/src/player.cpp:1446:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have forgotten the %s of %s.", p, spell_names[i + offset]);
data/moria-5.7.13/src/player.cpp:1520:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have remembered the %s of %s.", p, spell_names[order_id + offset]);
data/moria-5.7.13/src/player.cpp:1579:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have forgotten the %s of %s.", p, spell_names[order_id + offset]);
data/moria-5.7.13/src/player.cpp:1624:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You can learn some new %ss now.", magic_type_str);
data/moria-5.7.13/src/player_bash.cpp:98:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(name, "the %s", creature.name);
data/moria-5.7.13/src/player_bash.cpp:113:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You hit %s.", name);
data/moria-5.7.13/src/player_bash.cpp:127:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have slain %s.", name);
data/moria-5.7.13/src/player_bash.cpp:148:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s appears stunned!", name);
data/moria-5.7.13/src/player_bash.cpp:150:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s ignores your bash!", name);
data/moria-5.7.13/src/player_bash.cpp:156:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You miss %s.", name);
data/moria-5.7.13/src/player_move.cpp:382:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have found %d gold pieces worth of %s", item.cost, description);
data/moria-5.7.13/src/player_move.cpp:417:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have %s (%c)", description, locn + 'a');
data/moria-5.7.13/src/player_move.cpp:423:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You can't carry %s", description);
data/moria-5.7.13/src/player_throw.cpp:150:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "The %s disappears.", description);
data/moria-5.7.13/src/player_throw.cpp:235:32:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You hear a cry as the %s finds a mark.", description);
data/moria-5.7.13/src/player_throw.cpp:238:32:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "The %s hits the %s.", description, creatures_list[damage].name);
data/moria-5.7.13/src/player_throw.cpp:256:36:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have killed the %s.", creatures_list[damage].name);
data/moria-5.7.13/src/recall.cpp:113:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(desc, "%d of the contributors to your monster memory %s", deaths, plural(deaths, "has", "have"));
data/moria-5.7.13/src/recall.cpp:119:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(desc, "at least %d of the beasts %s been exterminated.", kills, plural(kills, "has", "have"));
data/moria-5.7.13/src/recall.cpp:123:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(desc, "At least %d of these creatures %s", kills, plural(kills, "has", "have"));
data/moria-5.7.13/src/recall.cpp:280:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(desc, " for a%s %d%s level character.", q, py.misc.level, p);
data/moria-5.7.13/src/recall.cpp:358:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void) sprintf(description, //
data/moria-5.7.13/src/recall.cpp:616:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "The %s:\n", creature.name);
data/moria-5.7.13/src/scores.cpp:49:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(new_entry.name, py.misc.name);
data/moria-5.7.13/src/scores.cpp:60:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(new_entry.died_from, tmp);
data/moria-5.7.13/src/scores.cpp:220:20:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void) sprintf(msg, //
data/moria-5.7.13/src/scrolls.cpp:106:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows faintly!", desc);
data/moria-5.7.13/src/scrolls.cpp:130:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows faintly!", desc);
data/moria-5.7.13/src/scrolls.cpp:166:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows faintly!", desc);
data/moria-5.7.13/src/scrolls.cpp:246:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows brightly!", desc);
data/moria-5.7.13/src/scrolls.cpp:294:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows black, fades.", desc);
data/moria-5.7.13/src/scrolls.cpp:326:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows brightly!", desc);
data/moria-5.7.13/src/scrolls.cpp:388:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "Your %s glows black, fades.", desc);
data/moria-5.7.13/src/spells.cpp:18:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(str, "(Spells %c-%c, *=List, <ESCAPE>=exit) %s", spell_ids[0] + 'a' - first_spell, spell_ids[number_of_choices - 1] + 'a' - first_spell, prompt);
data/moria-5.7.13/src/spells.cpp:45:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_str, "Cast %s (%d mana, %d%% fail)?", spell_names[spell_id + offset], spell.mana_required, spellChanceOfSuccess(spell_id));
data/moria-5.7.13/src/spells.cpp:84:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(tmp_str, "You don't know that %s.", (offset == config::spells::NAME_OFFSET_SPELLS ? "spell" : "prayer"));
data/moria-5.7.13/src/spells.cpp:420:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s: %s", playerItemWearingDescription(item_id), description);
data/moria-5.7.13/src/spells.cpp:422:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%c %s", item_id + 97, description);
data/moria-5.7.13/src/spells.cpp:1413:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(out_val, "The %s turns into mud.", description);
data/moria-5.7.13/src/store.cpp:51:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(comment, speech_selling_haggle_final[randomNumber(3) - 1]);
data/moria-5.7.13/src/store.cpp:53:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(comment, speech_selling_haggle[randomNumber(16) - 1]);
data/moria-5.7.13/src/store.cpp:65:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(comment, speech_buying_haggle_final[randomNumber(3) - 1]);
data/moria-5.7.13/src/store.cpp:67:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    (void) strcpy(comment, speech_buying_haggle[randomNumber(15) - 1]);
data/moria-5.7.13/src/store.cpp:136:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%c) %s", 'a' + item_line_num, description);
data/moria-5.7.13/src/store.cpp:210:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "(Items %c-%c, ESC to exit) %s", item_pos_start + 'a', item_pos_end + 'a', prompt);
data/moria-5.7.13/src/store.cpp:459:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s : %d", comment, current_asking_price);
data/moria-5.7.13/src/store.cpp:680:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "%s : %d", comment, current_asking_price);
data/moria-5.7.13/src/store.cpp:855:20:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    (void) sprintf(msg, "You have %s (%c)", description, new_item_id + 'a');
data/moria-5.7.13/src/store.cpp:1030:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
(void) sprintf(msg, "Selling %s (%c)", description, item_id + 'a'); data/moria-5.7.13/src/store.cpp:1066:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(msg, "You've sold %s", description); data/moria-5.7.13/src/ui.cpp:178:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(str, "%s: %6d", header, num); data/moria-5.7.13/src/ui.cpp:185:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(str, "%s: %7d", header, num); data/moria-5.7.13/src/ui.cpp:192:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(str, "%s: %6d", header, num); data/moria-5.7.13/src/ui.cpp:723:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(out_val, " %c) %-30s%2d %4d %3d%%%s", spell_char, spell_names[spell_id + consecutive_offset], spell.level_required, spell.mana_required, data/moria-5.7.13/src/ui_inventory.cpp:49:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(descriptions[i], "%c) %s", 'a' + i, description); data/moria-5.7.13/src/ui_inventory.cpp:192:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(descriptions[line], "%c) %-14s: %s", line + 'a', position_description, description); data/moria-5.7.13/src/ui_inventory.cpp:349:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(msg, "%s %s", prompt, description); data/moria-5.7.13/src/ui_inventory.cpp:459:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
(void) sprintf(msg, "The %s you are wielding appears to be cursed.", description); data/moria-5.7.13/src/ui_inventory.cpp:486:22: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). printMessage(strcat(msg_label, description)); data/moria-5.7.13/src/ui_inventory.cpp:535:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(str, "(%c-%c%s%s%s, space to break, ESC to exit) %s which one?", from, to, list_items, swap, digits, prompt); data/moria-5.7.13/src/ui_inventory.cpp:643:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(item_text, "The %s you are ", description); data/moria-5.7.13/src/ui_inventory.cpp:879:24: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(msg, "%s %s (%c)", text, description, 'a' + item_id); data/moria-5.7.13/src/ui_inventory.cpp:908:24: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(msg, "Drop all %s [y/n]", description); data/moria-5.7.13/src/ui_inventory.cpp:960:20: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(msg, "You are carrying %d.%d pounds. In your pack there is %s", w_quotient, w_remainder, (py.pack.unique_items == 0 ? "nothing." : "-")); data/moria-5.7.13/src/ui_inventory.cpp:1185:20: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf(description, // data/moria-5.7.13/src/ui_inventory.cpp:1196:20: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
  (void) sprintf(description, //

data/moria-5.7.13/src/ui_io.cpp:304:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(messages[last_message_id], msg);

data/moria-5.7.13/src/ui_io.cpp:547:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buffer, default_name);

data/moria-5.7.13/src/ui_io.cpp:550:15: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  char *p = getlogin();

data/moria-5.7.13/src/ui_io.cpp:553:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buffer, p);

data/moria-5.7.13/src/ui_io.cpp:557:20: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buffer, pwline->pw_name);

data/moria-5.7.13/src/ui_io.cpp:562:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buffer, default_name);

data/moria-5.7.13/src/ui_io.cpp:615:27: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  char *login = getlogin();

data/moria-5.7.13/src/ui_io.cpp:618:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(user, login);

data/moria-5.7.13/src/ui_io.cpp:626:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(expanded, pw->pw_dir);

data/moria-5.7.13/src/ui_io.cpp:629:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(expanded, file);

data/moria-5.7.13/src/wizard.cpp:538:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  (void) sscanf(input, pattern, &input_number);

data/moria-5.7.13/src/rng.cpp:105:54: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  printf("z[10001] = %ld, should be 1043618065\n", random);

data/moria-5.7.13/src/character.cpp:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[80];

data/moria-5.7.13/src/character.cpp:187:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char history_block[240];

data/moria-5.7.13/src/character.cpp:334:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[80];

data/moria-5.7.13/src/data_player.cpp:465:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *spell_names[62] = {

data/moria-5.7.13/src/data_recall.cpp:11:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_attack_type[25] = {

data/moria-5.7.13/src/data_recall.cpp:39:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_attack_method[20] = {

data/moria-5.7.13/src/data_recall.cpp:62:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_how_much[8] = {

data/moria-5.7.13/src/data_recall.cpp:66:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_move[6] = {

data/moria-5.7.13/src/data_recall.cpp:70:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_spell[15] = {

data/moria-5.7.13/src/data_recall.cpp:88:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_breath[5] = {

data/moria-5.7.13/src/data_recall.cpp:92:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *recall_description_weakness[6] = {

data/moria-5.7.13/src/data_store_owners.cpp:37:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_sale_accepted[14] = {

data/moria-5.7.13/src/data_store_owners.cpp:54:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_selling_haggle_final[3] = {

data/moria-5.7.13/src/data_store_owners.cpp:60:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_selling_haggle[16] = {

data/moria-5.7.13/src/data_store_owners.cpp:79:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_buying_haggle_final[3] = {

data/moria-5.7.13/src/data_store_owners.cpp:85:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_buying_haggle[15] = {

data/moria-5.7.13/src/data_store_owners.cpp:103:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_insulted_haggling_done[5] = {

data/moria-5.7.13/src/data_store_owners.cpp:111:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_get_out_of_my_store[5] = {

data/moria-5.7.13/src/data_store_owners.cpp:117:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_haggling_try_again[10] = {

data/moria-5.7.13/src/data_store_owners.cpp:130:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *speech_sorry[5] = {

data/moria-5.7.13/src/data_tables.cpp:15:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *colors[MAX_COLORS] = {

data/moria-5.7.13/src/data_tables.cpp:28:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *mushrooms[MAX_MUSHROOMS] = {

data/moria-5.7.13/src/data_tables.cpp:34:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *woods[MAX_WOODS] = {

data/moria-5.7.13/src/data_tables.cpp:41:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *metals[MAX_METALS] = {

data/moria-5.7.13/src/data_tables.cpp:48:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *rocks[MAX_ROCKS] = {

data/moria-5.7.13/src/data_tables.cpp:56:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *amulets[MAX_AMULETS] = {

data/moria-5.7.13/src/data_tables.cpp:61:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *syllables[MAX_SYLLABLES] = {

data/moria-5.7.13/src/data_treasure.cpp:527:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *special_item_names[SpecialNameIds::SN_ARRAY_SIZE] = {

data/moria-5.7.13/src/dungeon.cpp:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char map[MAX_WIDTH / RATIO + 1] = {'\0'};

data/moria-5.7.13/src/dungeon.cpp:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line_buffer[80];

data/moria-5.7.13/src/dungeon_los.cpp:471:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(error_message, "Illegal call to lookSee(%d, %d)", coord.y, coord.x);

data/moria-5.7.13/src/game_death.cpp:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char day[11];

data/moria-5.7.13/src/game_death.cpp:111:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "Ripe Old Age");

data/moria-5.7.13/src/game_files.cpp:22:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  highscore_fp = fopen(config::files::scores.c_str(), (char *) "rb+");

data/moria-5.7.13/src/game_files.cpp:31:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *screen_file = fopen(config::files::splash_screen.c_str(), "r");

data/moria-5.7.13/src/game_files.cpp:46:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename.c_str(), "r");

data/moria-5.7.13/src/game_files.cpp:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line_buffer[max_line_length];

data/moria-5.7.13/src/game_files.cpp:81:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename.c_str(), "r");

data/moria-5.7.13/src/game_files.cpp:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line_buffer[max_line_length];

data/moria-5.7.13/src/game_files.cpp:148:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file_ptr = fopen(filename, "w");

data/moria-5.7.13/src/game_files.cpp:154:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "%d", count);

data/moria-5.7.13/src/game_files.cpp:155:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  putStringClearToEOL(strcat(input, " random objects being produced..."), Coord_t{0, 0});

data/moria-5.7.13/src/game_files.cpp:268:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(xinfra, "%d feet", py.flags.see_infra * 10);

data/moria-5.7.13/src/game_files.cpp:366:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0644);

data/moria-5.7.13/src/game_files.cpp:369:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_WRONLY, 0644);

data/moria-5.7.13/src/game_files.cpp:378:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "w");

data/moria-5.7.13/src/game_run.cpp:143:20: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "(end of input: saved)");

data/moria-5.7.13/src/game_run.cpp:145:24: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "unexpected eof");

data/moria-5.7.13/src/game_run.cpp:961:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text_buffer[8];

data/moria-5.7.13/src/game_run.cpp:967:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(text_buffer, "%d", (int16_t) repeat_count);

data/moria-5.7.13/src/game_run.cpp:974:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(text_buffer, "%d", repeat_count);

data/moria-5.7.13/src/game_run.cpp:985:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(text_buffer, "%d", repeat_count);

data/moria-5.7.13/src/game_run.cpp:1397:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "Quitting");

data/moria-5.7.13/src/game_run.cpp:1469:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "(saved)");

data/moria-5.7.13/src/game_run.cpp:1476:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "(alive and well)");

data/moria-5.7.13/src/game_save.cpp:403:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(filename.c_str(), O_RDWR | O_CREAT | O_EXCL, 0600);

data/moria-5.7.13/src/game_save.cpp:407:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename.c_str(), O_RDWR | O_TRUNC, 0600);

data/moria-5.7.13/src/game_save.cpp:412:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fileptr = fopen(config::files::save_game.c_str(), "wb");

data/moria-5.7.13/src/game_save.cpp:415:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  DEBUG(logfile = fopen("IO_LOG", "a"))

data/moria-5.7.13/src/game_save.cpp:490:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  } else if ((fd = open(config::files::save_game.c_str(), O_RDONLY, 0)) < 0 &&

data/moria-5.7.13/src/game_save.cpp:491:76: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  (chmod(config::files::save_game.c_str(), 0400) < 0 || (fd = open(config::files::save_game.c_str(), O_RDONLY, 0)) < 0)) {

data/moria-5.7.13/src/game_save.cpp:502:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fileptr = fopen(config::files::save_game.c_str(), "rb");

data/moria-5.7.13/src/game_save.cpp:511:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  DEBUG(logfile = fopen("IO_LOG", "a"))

data/moria-5.7.13/src/game_save.cpp:853:24: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "(alive and well)");

data/moria-5.7.13/src/game_save.cpp:1185:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  DEBUG(logfile = fopen("IO_LOG", "a"))

data/moria-5.7.13/src/game_save.cpp:1208:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  DEBUG(logfile = fopen("IO_LOG", "a"))

data/moria-5.7.13/src/helpers.cpp:89:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char new_string[MORIA_MESSAGE_SIZE];

data/moria-5.7.13/src/identification.cpp:14:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char magic_item_titles[MAX_TITLES][10];

data/moria-5.7.13/src/identification.cpp:543:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(damstr, " (%dd%d)", item.damage.dice, item.damage.sides);

data/moria-5.7.13/src/identification.cpp:551:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(damstr, " (x%d)", bowDamageValue(item.misc_use));

data/moria-5.7.13/src/identification.cpp:556:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(damstr, " (%dd%d)", item.damage.dice, item.damage.sides);

data/moria-5.7.13/src/identification.cpp:561:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(damstr, " (%dd%d)", item.damage.sides, item.damage.sides); data/moria-5.7.13/src/identification.cpp:680:20: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(description, "Error in objdes()"); data/moria-5.7.13/src/identification.cpp:693:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(tmp_val, " of "); data/moria-5.7.13/src/identification.cpp:735:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d,%c%d)", (item.to_hit < 0) ? '-' : '+', abs_to_hit, (item.to_damage < 0) ? '-' : '+', abs_to_damage); data/moria-5.7.13/src/identification.cpp:737:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d)", (item.to_hit < 0) ? '-' : '+', abs_to_hit); data/moria-5.7.13/src/identification.cpp:739:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d)", (item.to_damage < 0) ? '-' : '+', abs_to_damage); data/moria-5.7.13/src/identification.cpp:749:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf(tmp_str, " [%d", item.ac); data/moria-5.7.13/src/identification.cpp:753:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, ",%c%d", (item.to_ac < 0) ? '-' : '+', abs_to_ac); data/moria-5.7.13/src/identification.cpp:759:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " [%c%d]", (item.to_ac < 0) ? '-' : '+', abs_to_ac); data/moria-5.7.13/src/identification.cpp:773:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " with %d turns of light", item.misc_use); data/moria-5.7.13/src/identification.cpp:781:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d)", (item.misc_use < 0) ? '-' : '+', abs_misc_use); data/moria-5.7.13/src/identification.cpp:783:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%d charges)", item.misc_use); data/moria-5.7.13/src/identification.cpp:786:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d)", (item.misc_use < 0) ? '-' : '+', abs_misc_use); data/moria-5.7.13/src/identification.cpp:789:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d to STR)", (item.misc_use < 0) ? '-' : '+', abs_misc_use); data/moria-5.7.13/src/identification.cpp:791:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tmp_str, " (%c%d to stealth)", (item.misc_use < 0) ? '-' : '+', abs_misc_use); data/moria-5.7.13/src/identification.cpp:832:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(tmp_str, "tried "); data/moria-5.7.13/src/identification.cpp:838:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(tmp_str, "magik "); data/moria-5.7.13/src/identification.cpp:841:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(tmp_str, "empty "); data/moria-5.7.13/src/identification.cpp:844:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(tmp_str, "damned "); data/moria-5.7.13/src/identification.cpp:872:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. (void) sprintf(out_val, "You have %d charges remaining.", rem_num); data/moria-5.7.13/src/identification.cpp:916:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(inscription, "Inscription: "); data/moria-5.7.13/src/identification.cpp:951:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(description, "Something"); data/moria-5.7.13/src/identification.h:82:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *special_item_names[SpecialNameIds::SN_ARRAY_SIZE]; data/moria-5.7.13/src/identification.h:85:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *colors[MAX_COLORS]; data/moria-5.7.13/src/identification.h:86:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern const char *mushrooms[MAX_MUSHROOMS]; data/moria-5.7.13/src/identification.h:87:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *woods[MAX_WOODS]; data/moria-5.7.13/src/identification.h:88:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *metals[MAX_METALS]; data/moria-5.7.13/src/identification.h:89:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *rocks[MAX_ROCKS]; data/moria-5.7.13/src/identification.h:90:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *amulets[MAX_AMULETS]; data/moria-5.7.13/src/identification.h:91:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *syllables[MAX_SYLLABLES]; data/moria-5.7.13/src/inventory.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inscription[INSCRIP_SIZE]; // Object inscription data/moria-5.7.13/src/monster.cpp:262:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "hits you.")); data/moria-5.7.13/src/monster.cpp:265:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "bites you.")); data/moria-5.7.13/src/monster.cpp:268:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "claws you.")); data/moria-5.7.13/src/monster.cpp:271:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "stings you.")); data/moria-5.7.13/src/monster.cpp:274:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
printMessage(strcat(msg, "touches you.")); data/moria-5.7.13/src/monster.cpp:278:31: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. msg_print(strcat(msg, "kicks you.")); data/moria-5.7.13/src/monster.cpp:282:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "gazes at you.")); data/moria-5.7.13/src/monster.cpp:285:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "breathes on you.")); data/moria-5.7.13/src/monster.cpp:288:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "spits on you.")); data/moria-5.7.13/src/monster.cpp:291:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "makes a horrible wail.")); data/moria-5.7.13/src/monster.cpp:295:31: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. msg_print(strcat(msg, "embraces you.")); data/moria-5.7.13/src/monster.cpp:299:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "crawls on you.")); data/moria-5.7.13/src/monster.cpp:302:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "releases a cloud of spores.")); data/moria-5.7.13/src/monster.cpp:305:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "begs you for money.")); data/moria-5.7.13/src/monster.cpp:311:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "crushes you.")); data/moria-5.7.13/src/monster.cpp:314:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
printMessage(strcat(msg, "tramples you.")); data/moria-5.7.13/src/monster.cpp:317:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "drools on you.")); data/moria-5.7.13/src/monster.cpp:322:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "insults you!")); data/moria-5.7.13/src/monster.cpp:325:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "insults your mother!")); data/moria-5.7.13/src/monster.cpp:328:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "gives you the finger!")); data/moria-5.7.13/src/monster.cpp:331:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "humiliates you!")); data/moria-5.7.13/src/monster.cpp:334:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "wets on your leg!")); data/moria-5.7.13/src/monster.cpp:337:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "defiles you!")); data/moria-5.7.13/src/monster.cpp:340:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "dances around you!")); data/moria-5.7.13/src/monster.cpp:343:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "makes obscene gestures!")); data/moria-5.7.13/src/monster.cpp:346:34: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "moons you!!!")); data/moria-5.7.13/src/monster.cpp:353:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
printMessage(strcat(msg, "is repelled.")); data/moria-5.7.13/src/monster.cpp:398:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(name, "It "); data/moria-5.7.13/src/monster.cpp:468:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(description, "misses you.")); data/moria-5.7.13/src/monster.cpp:759:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "magically summons a monster!"); data/moria-5.7.13/src/monster.cpp:771:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "magically summons an undead!"); data/moria-5.7.13/src/monster.cpp:819:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "breathes lightning."); data/moria-5.7.13/src/monster.cpp:824:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "breathes gas."); data/moria-5.7.13/src/monster.cpp:829:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "breathes acid."); data/moria-5.7.13/src/monster.cpp:834:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "breathes frost."); data/moria-5.7.13/src/monster.cpp:839:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "breathes fire."); data/moria-5.7.13/src/monster.cpp:844:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(monster_name, "cast unknown spell."); data/moria-5.7.13/src/monster.cpp:874:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
(void) strcpy(name, "It "); data/moria-5.7.13/src/monster.cpp:901:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(name, "casts a spell."); data/moria-5.7.13/src/monster.cpp:1301:38: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. printMessage(strcat(msg, "recovers and glares at you.")); data/moria-5.7.13/src/player.cpp:1122:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(name, "it"); data/moria-5.7.13/src/player.h:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PLAYER_NAME_SIZE]; // Name of character data/moria-5.7.13/src/player.h:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history[4][60]; // History record data/moria-5.7.13/src/player_bash.cpp:96:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string.
  (void) strcpy(name, "it");
data/moria-5.7.13/src/recall.cpp:147:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(desc, " It is normally found at depths of %d feet", level * 50);
data/moria-5.7.13/src/recall.cpp:254:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(desc, " creature is worth %d.%02d point%c", quotient, remainder, plural);
data/moria-5.7.13/src/recall.cpp:338:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(temp, "; 1 time in %d", creature_spell_flags & config::monsters::spells::CS_FREQ);
data/moria-5.7.13/src/recall.cpp:355:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(description, " It has an armor rating of %d", creature.ac);
data/moria-5.7.13/src/recall.cpp:446:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(text, " intruders, which it may notice from %d feet.", 10 * creature.area_affect_radius);
data/moria-5.7.13/src/recall.cpp:491:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, " up to %d", carrying_chance);
data/moria-5.7.13/src/recall.cpp:574:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, " %dd%d", dice.dice, dice.sides);
data/moria-5.7.13/src/recall.h:24:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_attack_type[25];
data/moria-5.7.13/src/recall.h:25:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_attack_method[20];
data/moria-5.7.13/src/recall.h:26:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_how_much[8];
data/moria-5.7.13/src/recall.h:27:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_move[6];
data/moria-5.7.13/src/recall.h:28:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_spell[15];
data/moria-5.7.13/src/recall.h:29:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_breath[5];
data/moria-5.7.13/src/recall.h:30:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *recall_description_weakness[6];
data/moria-5.7.13/src/scores.cpp:66:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((highscore_fp = fopen(config::files::scores.c_str(), "rb+")) == nullptr) {
data/moria-5.7.13/src/scores.cpp:182:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((highscore_fp = fopen(config::files::scores.c_str(), "rb")) == nullptr) {
data/moria-5.7.13/src/scores.cpp:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[100];
data/moria-5.7.13/src/scores.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[PLAYER_NAME_SIZE];
data/moria-5.7.13/src/scores.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char died_from[25];
data/moria-5.7.13/src/spells.h:33:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *spell_names[62];
data/moria-5.7.13/src/store.cpp:147:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "%9d", value);
data/moria-5.7.13/src/store.cpp:149:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "%9d [Fixed]", current_item_count);
data/moria-5.7.13/src/store.cpp:178:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "%d", c);
data/moria-5.7.13/src/store.cpp:180:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "%9d [Fixed]", cost);
data/moria-5.7.13/src/store.cpp:188:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "Gold Remaining : %d", py.misc.au);
data/moria-5.7.13/src/store.cpp:293:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(last_offer_str, "[%c%d] ", (store_last_increment < 0) ? '-' : '+', abs_store_last_increment);
data/moria-5.7.13/src/store.cpp:540:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "Your last offer : %d", last_offer);
data/moria-5.7.13/src/store.cpp:761:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "Your last bid %d", last_offer);
data/moria-5.7.13/src/store.cpp:994:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mask[PlayerEquipment::Wield];
data/moria-5.7.13/src/store.h:51:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_sale_accepted[14];
data/moria-5.7.13/src/store.h:52:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_selling_haggle_final[3];
data/moria-5.7.13/src/store.h:53:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_selling_haggle[16];
data/moria-5.7.13/src/store.h:54:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_buying_haggle_final[3];
data/moria-5.7.13/src/store.h:55:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_buying_haggle[15];
data/moria-5.7.13/src/store.h:56:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_insulted_haggling_done[5];
data/moria-5.7.13/src/store.h:57:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_get_out_of_my_store[5];
data/moria-5.7.13/src/store.h:58:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_haggling_try_again[10];
data/moria-5.7.13/src/store.h:59:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *speech_sorry[5];
data/moria-5.7.13/src/types.h:17:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char vtype_t[MORIA_MESSAGE_SIZE];
data/moria-5.7.13/src/types.h:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char obj_desc_t[160];
data/moria-5.7.13/src/ui.cpp:150:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(stat_string, "%6d", stat);
data/moria-5.7.13/src/ui.cpp:152:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(stat_string, "18/100");
data/moria-5.7.13/src/ui.cpp:154:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(stat_string, " 18/%02d", percentile);
data/moria-5.7.13/src/ui.cpp:160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[7];
data/moria-5.7.13/src/ui.cpp:199:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(str, "%6d", num);
data/moria-5.7.13/src/ui.cpp:206:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(str, "%6d", num);
data/moria-5.7.13/src/ui.cpp:252:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(depths, "Town level");
data/moria-5.7.13/src/ui.cpp:254:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(depths, "%d feet", depth);
data/moria-5.7.13/src/ui.cpp:317:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rest_string[16];
data/moria-5.7.13/src/ui.cpp:320:20: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(rest_string, "Rest *");
data/moria-5.7.13/src/ui.cpp:322:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(rest_string, "Rest %-5d", py.flags.rest);
data/moria-5.7.13/src/ui.cpp:324:20: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(rest_string, "Rest");
data/moria-5.7.13/src/ui.cpp:333:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char repeat_string[16];
data/moria-5.7.13/src/ui.cpp:336:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(repeat_string, "Repeat %-3d", game.command_count);
data/moria-5.7.13/src/ui.cpp:338:20: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(repeat_string, "Repeat");
data/moria-5.7.13/src/ui.cpp:584:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(xinfra, "%d feet", py.flags.see_infra * 10);
data/moria-5.7.13/src/ui.cpp:734:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "Welcome to level %d.", (int) py.misc.level);
data/moria-5.7.13/src/ui.h:88:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define open topen
data/moria-5.7.13/src/ui.h:89:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define fopen tfopen
data/moria-5.7.13/src/ui_inventory.cpp:16:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(text, "%3d.%d lb", quotient, remainder);
data/moria-5.7.13/src/ui_inventory.cpp:481:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(msg_label, "Primary weapon : ");
data/moria-5.7.13/src/ui_inventory.cpp:646:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(item_text, "wielding ");
data/moria-5.7.13/src/ui_inventory.cpp:648:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(item_text, "wearing ");
data/moria-5.7.13/src/ui_inventory.cpp:651:18: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  printMessage(strcat(item_text, "appears to be cursed."));
data/moria-5.7.13/src/ui_inventory.cpp:965:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(msg, "You are carrying %d.%d pounds. Your capacity is %d.%d pounds. In your pack is -", w_quotient, w_remainder, l_quotient, l_remainder);
data/moria-5.7.13/src/ui_io.cpp:303:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(messages[last_message_id], " ");
data/moria-5.7.13/src/ui_io.cpp:360:24: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "(end of input: panic saved)");
data/moria-5.7.13/src/ui_io.cpp:362:28: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(game.character_died_from, "panic: unexpected eof");
data/moria-5.7.13/src/ui_io.cpp:572:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #undef fopen
data/moria-5.7.13/src/ui_io.cpp:573:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #undef open
data/moria-5.7.13/src/ui_io.cpp:577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[1024];
data/moria-5.7.13/src/ui_io.cpp:579:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return (fopen(expanded, mode));
data/moria-5.7.13/src/ui_io.cpp:587:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expanded[1024];
data/moria-5.7.13/src/ui_io.cpp:589:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return (open(expanded, flags, mode));
data/moria-5.7.13/src/ui_io.cpp:604:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[128];
data/moria-5.7.13/src/wizard.cpp:246:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d Gold = ", py.misc.au);
data/moria-5.7.13/src/wizard.cpp:260:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (0-200) Searching = ", py.misc.chance_in_search);
data/moria-5.7.13/src/wizard.cpp:273:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (-1-18) Stealth = ", py.misc.stealth_factor);
data/moria-5.7.13/src/wizard.cpp:285:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (0-200) Disarming = ", py.misc.disarm);
data/moria-5.7.13/src/wizard.cpp:297:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (0-100) Save = ", py.misc.saving_throw);
data/moria-5.7.13/src/wizard.cpp:309:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (0-200) Base to hit = ", py.misc.bth);
data/moria-5.7.13/src/wizard.cpp:321:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d (0-200) Bows/Throwing = ", py.misc.bth_with_bows);
data/moria-5.7.13/src/wizard.cpp:333:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(input, "Current=%d Weight = ", py.misc.weight);
data/moria-5.7.13/src/wizard.cpp:533:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern[4];
data/moria-5.7.13/src/wizard.cpp:535:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(pattern, "%lx");
data/moria-5.7.13/src/character.cpp:224:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  auto cursor_end = (int) strlen(history_block) - 1;
data/moria-5.7.13/src/character.cpp:257:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(py.misc.history[line_number], &history_block[cursor_start], (size_t) current_cursor_position);
data/moria-5.7.13/src/game_files.cpp:144:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) == 0) {
data/moria-5.7.13/src/game_save.cpp:722:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getc(fileptr);
data/moria-5.7.13/src/game_save.cpp:1054:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return (uint8_t)(getc(fileptr) & 0xFF);
data/moria-5.7.13/src/helpers.cpp:30:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t from_len = strlen(from_string);
data/moria-5.7.13/src/helpers.cpp:53:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(str1, to_string, str - to_string);
data/moria-5.7.13/src/helpers.cpp:67:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  auto from_len = (int) strlen(from_string);
data/moria-5.7.13/src/helpers.cpp:68:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  auto to_len = (int) strlen(to_string);
data/moria-5.7.13/src/helpers.cpp:91:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(new_string, to_string, (pc - to_string));
data/moria-5.7.13/src/identification.cpp:293:24: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(title, " ");
data/moria-5.7.13/src/identification.cpp:674:20: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(description, ".");
data/moria-5.7.13/src/identification.cpp:722:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(tmp_val, " ");
data/moria-5.7.13/src/identification.cpp:756:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(tmp_val, "]");
data/moria-5.7.13/src/identification.cpp:850:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if ((indexx = (int) strlen(tmp_str)) > 0) {
data/moria-5.7.13/src/identification.cpp:860:12: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(description, ".");
data/moria-5.7.13/src/identification.cpp:919:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int msg_len = 78 - (int) strlen(msg);
data/moria-5.7.13/src/identification.cpp:926:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (getStringInput(inscription, Coord_t{0, (int) strlen(inscription)}, msg_len)) {
data/moria-5.7.13/src/player_move.cpp:399:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  description[strlen(description) - 1] = '?';
data/moria-5.7.13/src/player_move.cpp:408:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  description[strlen(description) - 1] = '?';
data/moria-5.7.13/src/scores.cpp:79:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto version_maj = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/scores.cpp:80:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto version_min = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/scores.cpp:81:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto patch_level = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/scores.cpp:191:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto version_maj = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/scores.cpp:192:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto version_min = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/scores.cpp:193:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto patch_level = (uint8_t) getc(highscore_fp);
data/moria-5.7.13/src/store.cpp:279:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  auto prompt_len = (int) strlen(prompt);
data/moria-5.7.13/src/store.cpp:296:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  prompt_len = start_len + (int) strlen(last_offer_str);
data/moria-5.7.13/src/ui_inventory.cpp:51:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = (int) strlen(descriptions[i]) + 2;
data/moria-5.7.13/src/ui_inventory.cpp:194:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = (int) strlen(descriptions[line]) + 2;
data/moria-5.7.13/src/ui_inventory.cpp:346:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  description[strlen(description) - 1] = '?';
data/moria-5.7.13/src/ui_inventory.cpp:905:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  description[strlen(description) - 1] = '?';
data/moria-5.7.13/src/ui_inventory.cpp:909:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msg[strlen(description) - 1] = '.';
data/moria-5.7.13/src/ui_io.cpp:155:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(str, out_str, (size_t)(79 - coord.x));
data/moria-5.7.13/src/ui_io.cpp:254:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  old_len = (int) strlen(messages[last_message_id]) + 1;
data/moria-5.7.13/src/ui_io.cpp:261:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_len = (int) strlen(msg);
data/moria-5.7.13/src/ui_io.cpp:313:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(messages[last_message_id], msg, MORIA_MESSAGE_SIZE);
data/moria-5.7.13/src/wizard.cpp:247:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:261:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:274:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:286:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:298:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:310:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:322:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);
data/moria-5.7.13/src/wizard.cpp:334:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  number = (int) strlen(input);

ANALYSIS SUMMARY:

Hits = 440
Lines analyzed = 31905 in approximately 0.82 seconds (38848 lines/second)
Physical Source Lines of Code (SLOC) = 23845
Hits@level = [0] 108 [1] 45 [2] 231 [3] 1 [4] 161 [5] 2
Hits@level+ = [0+] 548 [1+] 440 [2+] 395 [3+] 164 [4+] 163 [5+] 2
Hits/KSLOC@level+ = [0+] 22.9818 [1+] 18.4525 [2+] 16.5653 [3+] 6.87775 [4+] 6.83581 [5+] 0.083875
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
