Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ne-3.1.2/src/#buffer.c
Examining data/ne-3.1.2/src/actions.c
Examining data/ne-3.1.2/src/ansi.c
Examining data/ne-3.1.2/src/ansi.h
Examining data/ne-3.1.2/src/autocomp.c
Examining data/ne-3.1.2/src/buffer.c
Examining data/ne-3.1.2/src/clips.c
Examining data/ne-3.1.2/src/cm.c
Examining data/ne-3.1.2/src/cm.h
Examining data/ne-3.1.2/src/command.c
Examining data/ne-3.1.2/src/debug.h
Examining data/ne-3.1.2/src/display.c
Examining data/ne-3.1.2/src/edit.c
Examining data/ne-3.1.2/src/enums.h
Examining data/ne-3.1.2/src/errors.c
Examining data/ne-3.1.2/src/errors.h
Examining data/ne-3.1.2/src/exec.c
Examining data/ne-3.1.2/src/ext.c
Examining data/ne-3.1.2/src/hash.c
Examining data/ne-3.1.2/src/hash.h
Examining data/ne-3.1.2/src/help.c
Examining data/ne-3.1.2/src/help.h
Examining data/ne-3.1.2/src/info2cap.c
Examining data/ne-3.1.2/src/info2cap.h
Examining data/ne-3.1.2/src/input.c
Examining data/ne-3.1.2/src/inputclass.c
Examining data/ne-3.1.2/src/keycodes.h
Examining data/ne-3.1.2/src/keys.c
Examining data/ne-3.1.2/src/menu.c
Examining data/ne-3.1.2/src/names.c
Examining data/ne-3.1.2/src/names.h
Examining data/ne-3.1.2/src/navigation.c
Examining data/ne-3.1.2/src/ne.c
Examining data/ne-3.1.2/src/ne.h
Examining data/ne-3.1.2/src/prefs.c
Examining data/ne-3.1.2/src/protos.h
Examining data/ne-3.1.2/src/regcomp.c
Examining data/ne-3.1.2/src/regex.c
Examining data/ne-3.1.2/src/regex.h
Examining data/ne-3.1.2/src/regex_internal.c
Examining data/ne-3.1.2/src/regex_internal.h
Examining data/ne-3.1.2/src/regexec.c
Examining data/ne-3.1.2/src/request.c
Examining data/ne-3.1.2/src/search.c
Examining data/ne-3.1.2/src/signals.c
Examining data/ne-3.1.2/src/streams.c
Examining data/ne-3.1.2/src/support.c
Examining data/ne-3.1.2/src/support.h
Examining data/ne-3.1.2/src/syn_hash.c
Examining data/ne-3.1.2/src/syn_hash.h
Examining data/ne-3.1.2/src/syn_regex.c
Examining data/ne-3.1.2/src/syn_regex.h
Examining data/ne-3.1.2/src/syn_types.h
Examining data/ne-3.1.2/src/syn_utf8.c
Examining data/ne-3.1.2/src/syn_utf8.h
Examining data/ne-3.1.2/src/syn_utils.c
Examining data/ne-3.1.2/src/syn_utils.h
Examining data/ne-3.1.2/src/syntax.c
Examining data/ne-3.1.2/src/syntax.h
Examining data/ne-3.1.2/src/term.c
Examining data/ne-3.1.2/src/term.h
Examining data/ne-3.1.2/src/termcap.c
Examining data/ne-3.1.2/src/termcap.h
Examining data/ne-3.1.2/src/termchar.h
Examining data/ne-3.1.2/src/tparam.c
Examining data/ne-3.1.2/src/trace.c
Examining data/ne-3.1.2/src/undo.c
Examining data/ne-3.1.2/src/utf8.c
Examining data/ne-3.1.2/src/utf8.h
Examining data/ne-3.1.2/src/version.h
FINAL RESULTS:
data/ne-3.1.2/src/ne.c:160:18: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
if (gprefs_dir) strncat(strncat(t, ": ", sizeof t - 1), gprefs_dir, sizeof t - 1);
data/ne-3.1.2/src/ne.c:160:26: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
if (gprefs_dir) strncat(strncat(t, ": ", sizeof t - 1), gprefs_dir, sizeof t - 1);
data/ne-3.1.2/src/ne.c:161:7: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
else strncat(strncat(strncat(t, " ", sizeof t - 1), get_global_dir(), sizeof t - 1), " not found!", sizeof t - 1);
data/ne-3.1.2/src/ne.c:161:15: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
else strncat(strncat(strncat(t, " ", sizeof t - 1), get_global_dir(), sizeof t - 1), " not found!", sizeof t - 1);
data/ne-3.1.2/src/ne.c:161:23: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
else strncat(strncat(strncat(t, " ", sizeof t - 1), get_global_dir(), sizeof t - 1), " not found!", sizeof t - 1);
data/ne-3.1.2/src/#buffer.c:1405:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!result) b->opt.read_only = (access(name, W_OK) != 0);
data/ne-3.1.2/src/#buffer.c:1953:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, file_part(b->filename));
data/ne-3.1.2/src/actions.c:1395:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(msg, MAX_MESSAGE_SIZE, "AtomicUndo level: %" PRId64, c);
data/ne-3.1.2/src/actions.c:1593:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(p)) error = EXTERNAL_COMMAND_ERROR;
data/ne-3.1.2/src/actions.c:1615:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(tmpnam1, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1615:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(tmpnam1, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1616:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(tmpnam2, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1616:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(tmpnam2, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1628:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/actions.c:1628:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/actions.c:1628:36: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/actions.c:1631:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(command)) error = EXTERNAL_COMMAND_ERROR;
data/ne-3.1.2/src/buffer.c:1143:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!result) b->opt.read_only = (access(name, W_OK) != 0);
data/ne-3.1.2/src/buffer.c:1656:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, file_part(b->filename));
data/ne-3.1.2/src/command.c:399:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(t, " %" PRId64, c);
data/ne-3.1.2/src/command.c:568:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(macro_dir, prefs_dir), name);
data/ne-3.1.2/src/command.c:568:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(macro_dir, prefs_dir), name);
data/ne-3.1.2/src/command.c:574:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(macro_dir, prefs_dir), "macros/"), name);
data/ne-3.1.2/src/command.c:574:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(macro_dir, prefs_dir), "macros/"), name);
data/ne-3.1.2/src/command.c:680:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
str = strcat(strcat(p, *p ? " " : ""), key_stroke[i]);
data/ne-3.1.2/src/command.c:680:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
str = strcat(strcat(p, *p ? " " : ""), key_stroke[i]);
data/ne-3.1.2/src/command.c:696:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(str, "Bound keys(s): "), key_strokes);
data/ne-3.1.2/src/edit.c:711:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(msg, msg_size, "%c%" PRId64, avshift > 0 ? 'T' :'B', avshift > 0 ? avshift : -avshift);
data/ne-3.1.2/src/input.c:194:26: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
if (default_value >= 0) sprintf(t, "%" PRId64, default_value);
data/ne-3.1.2/src/input.c:672:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefix, completion);
data/ne-3.1.2/src/menu.c:660:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len = sprintf(bar_buffer, "%11" PRId64, y + 1);
data/ne-3.1.2/src/menu.c:666:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len = sprintf(bar_buffer, "%11" PRId64, x + 1);
data/ne-3.1.2/src/menu.c:677:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(flag_string, p);
data/ne-3.1.2/src/menu.c:693:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(flag_string, gen_flag_string(cur_buffer));
data/ne-3.1.2/src/menu.c:698:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len = sprintf(bar_buffer, fast_gui || !standout_ok ? ">> L:%11" PRId64 " C:%11" PRId64 " %3d%% %s " : " L:%11" PRId64 " C:%11" PRId64 " %3d%% %s ", y + 1, x + 1, percent, flag_string);
data/ne-3.1.2/src/menu.c:941:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(menu_conf, prefs_dir), menu_conf_name);
data/ne-3.1.2/src/menu.c:941:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(menu_conf, prefs_dir), menu_conf_name);
data/ne-3.1.2/src/menu.c:1055:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(key_bindings, prefs_dir), key_bindings_name);
data/ne-3.1.2/src/menu.c:1055:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(key_bindings, prefs_dir), key_bindings_name);
data/ne-3.1.2/src/ne.c:283:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(new_not_found, "Not Found. (RepeatLast with "), repeat_last_keystroke), " to wrap.)");
data/ne-3.1.2/src/prefs.c:95:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(prefs_dir, home_dir), "/"), PREFS_DIR);
data/ne-3.1.2/src/prefs.c:95:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(prefs_dir, home_dir), "/"), PREFS_DIR);
data/ne-3.1.2/src/prefs.c:133:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gprefs_dir, global_dir);
data/ne-3.1.2/src/prefs.c:337:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(virt_name, prefs_dir), VIRTUAL_EXT_NAME_G);
data/ne-3.1.2/src/prefs.c:337:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(virt_name, prefs_dir), VIRTUAL_EXT_NAME_G);
data/ne-3.1.2/src/prefs.c:344:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(virt_name, prefs_dir), VIRTUAL_EXT_NAME);
data/ne-3.1.2/src/prefs.c:344:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(virt_name, prefs_dir), VIRTUAL_EXT_NAME);
data/ne-3.1.2/src/prefs.c:444:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/prefs.c:444:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/prefs.c:444:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/prefs.c:455:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/prefs.c:455:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/prefs.c:455:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(auto_name, prefs_dir), ext), PREF_FILE_SUFFIX);
data/ne-3.1.2/src/request.c:738:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(result, dir_name), cur_prefix), unique && is_dir ? "/" : "");
data/ne-3.1.2/src/request.c:738:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcpy(result, dir_name), cur_prefix), unique && is_dir ? "/" : "");
data/ne-3.1.2/src/request.c:738:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcpy(result, dir_name), cur_prefix), unique && is_dir ? "/" : "");
data/ne-3.1.2/src/request.c:784:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(syn_dir_name, p), SYNTAX_DIR);
data/ne-3.1.2/src/request.c:784:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(syn_dir_name, p), SYNTAX_DIR);
data/ne-3.1.2/src/request.c:791:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(syn_dir_name, p), SYNTAX_DIR);
data/ne-3.1.2/src/request.c:791:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(syn_dir_name, p), SYNTAX_DIR);
data/ne-3.1.2/src/request.c:803:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/ne-3.1.2/src/request.c:876:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, p);
data/ne-3.1.2/src/request.c:1213:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
char * p = strcpy(newstr, str)+len+1;
data/ne-3.1.2/src/search.c:373:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, UTF8NONWORD);
data/ne-3.1.2/src/search.c:387:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, UTF8DOT);
data/ne-3.1.2/src/search.c:400:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, UTF8COMP);
data/ne-3.1.2/src/support.c:99:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(c, b);
data/ne-3.1.2/src/support.c:160:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(c, a + j);
data/ne-3.1.2/src/support.c:328:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcpy(expanded_filename = p, home_dir), filename);
data/ne-3.1.2/src/support.c:328:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(expanded_filename = p, home_dir), filename);
data/ne-3.1.2/src/syn_types.h:40:37: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_0(buf,len,fmt) snprintf((char *)(buf),(len),(char *)(fmt))
data/ne-3.1.2/src/syn_types.h:41:39: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_1(buf,len,fmt,a) snprintf((char *)(buf),(len),(char *)(fmt),(a))
data/ne-3.1.2/src/syn_types.h:42:41: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_2(buf,len,fmt,a,b) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b))
data/ne-3.1.2/src/syn_types.h:43:43: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_3(buf,len,fmt,a,b,c) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c))
data/ne-3.1.2/src/syn_types.h:44:45: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_4(buf,len,fmt,a,b,c,d) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d))
data/ne-3.1.2/src/syn_types.h:45:47: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_5(buf,len,fmt,a,b,c,d,e) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e))
data/ne-3.1.2/src/syn_types.h:46:49: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_6(buf,len,fmt,a,b,c,d,e,f) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e),(f))
data/ne-3.1.2/src/syn_types.h:47:51: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_7(buf,len,fmt,a,b,c,d,e,f,g) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g))
data/ne-3.1.2/src/syn_types.h:48:53: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_8(buf,len,fmt,a,b,c,d,e,f,g,h) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h))
data/ne-3.1.2/src/syn_types.h:49:55: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_9(buf,len,fmt,a,b,c,d,e,f,g,h,i) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i))
data/ne-3.1.2/src/syn_types.h:50:58: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define joe_snprintf_10(buf,len,fmt,a,b,c,d,e,f,g,h,i,j) snprintf((char *)(buf),(len),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i),(j))
data/ne-3.1.2/src/syn_types.h:52:26: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define i_printf_0(fmt) (snprintf((char *)(i_msg),sizeof(i_msg),(char *)(fmt)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:53:28: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define i_printf_1(fmt,a) (snprintf((char *)(i_msg),sizeof(i_msg),(char *)(fmt),(a)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:55:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define i_printf_2(fmt,a,b) (fprintf(stderr,(char *)(fmt),(a),(b)))
data/ne-3.1.2/src/syn_types.h:56:32: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define i_printf_3(fmt,a,b,c) (snprintf((char *)(i_msg),sizeof(i_msg),(char *)(fmt),(a),(b),(c)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:57:34: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define i_printf_4(fmt,a,b,c,d) (snprintf((char *)(i_msg),sizeof(i_msg),(char *)(fmt),(a),(b),(c),(d)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:61:37: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_0(buf,len,fmt) sprintf((char *)(buf),(char *)(fmt))
data/ne-3.1.2/src/syn_types.h:62:39: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_1(buf,len,fmt,a) sprintf((char *)(buf),(char *)(fmt),(a))
data/ne-3.1.2/src/syn_types.h:63:41: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_2(buf,len,fmt,a,b) sprintf((char *)(buf),(char *)(fmt),(a),(b))
data/ne-3.1.2/src/syn_types.h:64:43: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_3(buf,len,fmt,a,b,c) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c))
data/ne-3.1.2/src/syn_types.h:65:45: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_4(buf,len,fmt,a,b,c,d) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d))
data/ne-3.1.2/src/syn_types.h:66:47: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_5(buf,len,fmt,a,b,c,d,e) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e))
data/ne-3.1.2/src/syn_types.h:67:49: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_6(buf,len,fmt,a,b,c,d,e,f) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e),(f))
data/ne-3.1.2/src/syn_types.h:68:51: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_7(buf,len,fmt,a,b,c,d,e,f,g) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g))
data/ne-3.1.2/src/syn_types.h:69:53: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_8(buf,len,fmt,a,b,c,d,e,f,g,h) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h))
data/ne-3.1.2/src/syn_types.h:70:55: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_9(buf,len,fmt,a,b,c,d,e,f,g,h,i) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i))
data/ne-3.1.2/src/syn_types.h:71:58: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define joe_snprintf_10(buf,len,fmt,a,b,c,d,e,f,g,h,i,j) sprintf((char *)(buf),(char *)(fmt),(a),(b),(c),(d),(e),(f),(g),(h),(i),(j))
data/ne-3.1.2/src/syn_types.h:73:26: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define i_printf_0(fmt) (sprintf((char *)(i_msg),(char *)(fmt)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:74:28: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define i_printf_1(fmt,a) (sprintf((char *)(i_msg),(char *)(fmt),(a)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:76:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define i_printf_2(fmt,a,b) (fprintf(stderr,(char *)(fmt),(a),(b)))
data/ne-3.1.2/src/syn_types.h:77:32: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define i_printf_3(fmt,a,b,c) (sprintf((char *)(i_msg),(char *)(fmt),(a),(b),(c)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_types.h:78:34: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define i_printf_4(fmt,a,b,c,d) (sprintf((char *)(i_msg),(char *)(fmt),(a),(b),(c),(d)), internal_msg(i_msg))
data/ne-3.1.2/src/syn_utils.c:112:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)a,(char *)b);
data/ne-3.1.2/src/syn_utils.c:129:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat((char *)a,(char *)b);
data/ne-3.1.2/src/syntax.c:713:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:713:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:713:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:713:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:718:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:718:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:718:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:718:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/termcap.c:443:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bp, term);
data/ne-3.1.2/src/termcap.c:479:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bp, termcap_name);
data/ne-3.1.2/src/termcap.c:517:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bp, tcenv);
data/ne-3.1.2/src/tparam.c:297:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (op, up);
data/ne-3.1.2/src/tparam.c:299:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (op, left);
data/ne-3.1.2/src/info2cap.c:163:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * const term_name = getenv("TERM"), *s;
data/ne-3.1.2/src/info2cap.c:251:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (s = getenv("LINES")) l = atoi(s);
data/ne-3.1.2/src/info2cap.c:252:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (s = getenv("COLUMNS")) c = atoi(s);
data/ne-3.1.2/src/prefs.c:91:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(home_dir = getenv("HOME"))) home_dir = ".";
data/ne-3.1.2/src/support.c:40:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ne_global_dir = getenv("NE_GLOBAL_DIR");
data/ne-3.1.2/src/support.c:296:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home_dir = getenv("HOME");
data/ne-3.1.2/src/term.c:995:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (! getenv("LINES") || ! getenv("COLUMNS")) return 0;
data/ne-3.1.2/src/term.c:995:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (! getenv("LINES") || ! getenv("COLUMNS")) return 0;
data/ne-3.1.2/src/term.c:996:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const int l = strtol(getenv("LINES"), NULL, 10);
data/ne-3.1.2/src/term.c:997:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const int c = strtol(getenv("COLUMNS"), NULL, 10);
data/ne-3.1.2/src/termcap.c:453:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
termcap_name = getenv ("TERMCAP");
data/ne-3.1.2/src/termcap.c:471:48: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (termcap_name && !filep && !strcmp (name, getenv ("TERM")))
data/ne-3.1.2/src/#buffer.c:53:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/ne-3.1.2/src/#buffer.c:1014:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line, s, len);
data/ne-3.1.2/src/#buffer.c:1034:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, ld->line, pos);
data/ne-3.1.2/src/#buffer.c:1035:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p[pos], s, len);
data/ne-3.1.2/src/#buffer.c:1036:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p[pos + len], ld->line + pos, ld->line_len - pos);
data/ne-3.1.2/src/#buffer.c:1049:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line - (len - result) + pos, s, len);
data/ne-3.1.2/src/#buffer.c:1127:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t[8];
data/ne-3.1.2/src/#buffer.c:1145:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char spaces[MAX_STACK_SPACES];
data/ne-3.1.2/src/#buffer.c:1227:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, ld->line, ld->line_len);
data/ne-3.1.2/src/#buffer.c:1228:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + ld->line_len, next_ld->line, next_ld->line_len);
data/ne-3.1.2/src/#buffer.c:1248:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line + ld->line_len, next_ld->line, next_ld->line_len);
data/ne-3.1.2/src/#buffer.c:1255:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next_ld->line - ld->line_len, ld->line, ld->line_len);
data/ne-3.1.2/src/#buffer.c:1400:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, READ_FLAGS);
data/ne-3.1.2/src/#buffer.c:1416:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CIRC_BUFFER_SIZE * 2];
data/ne-3.1.2/src/#buffer.c:1418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ld_buffer[LD_BUFFER_COUNT * line_desc_size];
data/ne-3.1.2/src/#buffer.c:1508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[16];
data/ne-3.1.2/src/#buffer.c:1509:22: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int char_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/#buffer.c:1509:30: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
const int char_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/#buffer.c:1511:20: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int ld_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/#buffer.c:1511:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
const int ld_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/#buffer.c:1797:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, WRITE_FLAGS, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
data/ne-3.1.2/src/#buffer.c:1820:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + used, l, len);
data/ne-3.1.2/src/#buffer.c:1825:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + used, l, SAVE_BLOCK_LEN - used);
data/ne-3.1.2/src/#buffer.c:1956:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(p = malloc(MAX_INT_LEN * )) sprintf(p, "%p.%x", b, getpid());
data/ne-3.1.2/src/actions.c:131:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!da_log) da_log = fopen("/tmp/ne-actions.log","a");
data/ne-3.1.2/src/actions.c:172:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[MAX_MESSAGE_SIZE];
data/ne-3.1.2/src/actions.c:1613:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpnam1[strlen(P_tmpdir)+strlen(NE_TMP)+2], tmpnam2[strlen(P_tmpdir)+strlen(NE_TMP)+2], *command;
data/ne-3.1.2/src/actions.c:1617:15: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fin = mkstemp(tmpnam1)) != -1) close(fin);
data/ne-3.1.2/src/actions.c:1618:16: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fout = mkstemp(tmpnam2)) != -1) close(fout);
data/ne-3.1.2/src/actions.c:1628:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/actions.c:1628:29: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/actions.c:1628:43: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcat(strcat(strcat(strcat(strcat(strcpy(command, "( "), p), " ) <"), tmpnam1), " >"), tmpnam2);
data/ne-3.1.2/src/buffer.c:752:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line, s, len);
data/ne-3.1.2/src/buffer.c:772:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, ld->line, pos);
data/ne-3.1.2/src/buffer.c:773:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p[pos], s, len);
data/ne-3.1.2/src/buffer.c:774:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p[pos + len], ld->line + pos, ld->line_len - pos);
data/ne-3.1.2/src/buffer.c:787:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line - (len - result) + pos, s, len);
data/ne-3.1.2/src/buffer.c:865:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t[8];
data/ne-3.1.2/src/buffer.c:883:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char spaces[MAX_STACK_SPACES];
data/ne-3.1.2/src/buffer.c:965:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, ld->line, ld->line_len);
data/ne-3.1.2/src/buffer.c:966:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + ld->line_len, next_ld->line, next_ld->line_len);
data/ne-3.1.2/src/buffer.c:986:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ld->line + ld->line_len, next_ld->line, next_ld->line_len);
data/ne-3.1.2/src/buffer.c:993:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next_ld->line - ld->line_len, ld->line, ld->line_len);
data/ne-3.1.2/src/buffer.c:1138:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, READ_FLAGS);
data/ne-3.1.2/src/buffer.c:1154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CIRC_BUFFER_SIZE * 2];
data/ne-3.1.2/src/buffer.c:1156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ld_buffer[LD_BUFFER_COUNT * line_desc_size];
data/ne-3.1.2/src/buffer.c:1246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[16];
data/ne-3.1.2/src/buffer.c:1247:22: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int char_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/buffer.c:1247:30: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
const int char_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/buffer.c:1249:20: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int ld_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/buffer.c:1249:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
const int ld_fd = mkstemp(strcpy(template, ".ne-mmap-XXXXXX"));
data/ne-3.1.2/src/buffer.c:1535:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, WRITE_FLAGS, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
data/ne-3.1.2/src/buffer.c:1558:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + used, l, len);
data/ne-3.1.2/src/buffer.c:1563:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + used, l, SAVE_BLOCK_LEN - used);
data/ne-3.1.2/src/buffer.c:1659:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else if (p = malloc(MAX_INT_LEN * 2)) sprintf(p, "%p.%x", b, getpid());
data/ne-3.1.2/src/clips.c:169:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (ld->line) memcpy(p, ld->line + start_pos, len);
data/ne-3.1.2/src/clips.c:230:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (ld->line) memcpy(p, ld->line + start_pos, len);
data/ne-3.1.2/src/clips.c:418:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (len) memcpy(p, ld->line + start_pos, len);
data/ne-3.1.2/src/clips.c:457:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (len) memcpy(p, ld->line + start_pos, len);
data/ne-3.1.2/src/command.c:278:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*string_arg, p, len);
data/ne-3.1.2/src/command.c:307:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*string_arg, p, len);
data/ne-3.1.2/src/command.c:385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[MAX_INT_LEN + 2];
data/ne-3.1.2/src/command.c:480:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char two[2] = { chr };
data/ne-3.1.2/src/command.c:518:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stream, cs->stream, len);
data/ne-3.1.2/src/command.c:574:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(strcpy(macro_dir, prefs_dir), "macros/"), name);
data/ne-3.1.2/src/command.c:696:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcat(strcpy(str, "Bound keys(s): "), key_strokes);
data/ne-3.1.2/src/command.c:752:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tmphelp[0] = (char *)commands[r].help[0];
data/ne-3.1.2/src/command.c:753:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tmphelp[1] = (char *)commands[r].help[1];
data/ne-3.1.2/src/command.c:755:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmphelp[3], &commands[r].help[2], sizeof(char *) * (commands[r].help_len-2));
data/ne-3.1.2/src/command.c:755:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
memcpy(&tmphelp[3], &commands[r].help[2], sizeof(char *) * (commands[r].help_len-2));
data/ne-3.1.2/src/command.c:767:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rl.entries = (char **)commands[r].help;
data/ne-3.1.2/src/display.c:298:32: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (b->attr_len = attr_len) memcpy(b->attr_buf, attr_buf, attr_len * sizeof *b->attr_buf);
data/ne-3.1.2/src/display.c:745:30: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (b->attr_len = attr_len) memcpy(b->attr_buf, attr_buf, attr_len * sizeof *b->attr_buf);
data/ne-3.1.2/src/edit.c:140:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char bracket_table[NUM_BRACKETS][2] = { { '(', ')' },
data/ne-3.1.2/src/edit.c:254:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char avcmd[16];
data/ne-3.1.2/src/edit.c:331:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pa_space, ld->line, pos);
data/ne-3.1.2/src/errors.c:27:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *error_msg[ERROR_COUNT] = {
data/ne-3.1.2/src/errors.c:98:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *info_msg[INFO_COUNT] = {
data/ne-3.1.2/src/errors.h:144:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *error_msg[ERROR_COUNT];
data/ne-3.1.2/src/errors.h:145:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *info_msg[INFO_COUNT];
data/ne-3.1.2/src/hash.c:34:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char hash_table[HASH_TABLE_SIZE] = {
data/ne-3.1.2/src/hash.c:206:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char short_hash_table[HASH_TABLE_SIZE] = {
data/ne-3.1.2/src/hash.h:30:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char hash_table[HASH_TABLE_SIZE];
data/ne-3.1.2/src/hash.h:31:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char short_hash_table[HASH_TABLE_SIZE];
data/ne-3.1.2/src/help.c:21:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ABOUT_HELP[7] = {
data/ne-3.1.2/src/help.c:30:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ADJUSTVIEW_HELP[26] = {
data/ne-3.1.2/src/help.c:58:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ALERT_HELP[5] = {
data/ne-3.1.2/src/help.c:65:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ATOMICUNDO_HELP[22] = {
data/ne-3.1.2/src/help.c:89:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const AUTOCOMPLETE_HELP[20] = {
data/ne-3.1.2/src/help.c:111:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const AUTOINDENT_HELP[22] = {
data/ne-3.1.2/src/help.c:135:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const AUTOMATCHBRACKET_HELP[11] = {
data/ne-3.1.2/src/help.c:148:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const AUTOPREFS_HELP[14] = {
data/ne-3.1.2/src/help.c:164:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const BACKSPACE_HELP[6] = {
data/ne-3.1.2/src/help.c:172:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const BEEP_HELP[6] = {
data/ne-3.1.2/src/help.c:180:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const BINARY_HELP[25] = {
data/ne-3.1.2/src/help.c:207:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CAPITALIZE_HELP[6] = {
data/ne-3.1.2/src/help.c:215:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CASESEARCH_HELP[12] = {
data/ne-3.1.2/src/help.c:229:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CENTER_HELP[8] = {
data/ne-3.1.2/src/help.c:239:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CLEAR_HELP[7] = {
data/ne-3.1.2/src/help.c:248:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CLIPNUMBER_HELP[11] = {
data/ne-3.1.2/src/help.c:261:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CLOSEDOC_HELP[7] = {
data/ne-3.1.2/src/help.c:270:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const COPY_HELP[10] = {
data/ne-3.1.2/src/help.c:282:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CRLF_HELP[15] = {
data/ne-3.1.2/src/help.c:299:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const CUT_HELP[5] = {
data/ne-3.1.2/src/help.c:306:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELETECHAR_HELP[10] = {
data/ne-3.1.2/src/help.c:318:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELETEEOL_HELP[10] = {
data/ne-3.1.2/src/help.c:330:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELETELINE_HELP[9] = {
data/ne-3.1.2/src/help.c:341:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELETENEXTWORD_HELP[8] = {
data/ne-3.1.2/src/help.c:351:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELETEPREVWORD_HELP[9] = {
data/ne-3.1.2/src/help.c:362:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DELTABS_HELP[9] = {
data/ne-3.1.2/src/help.c:373:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const DOUNDO_HELP[21] = {
data/ne-3.1.2/src/help.c:396:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ERASE_HELP[6] = {
data/ne-3.1.2/src/help.c:404:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ESCAPE_HELP[7] = {
data/ne-3.1.2/src/help.c:413:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const ESCAPETIME_HELP[16] = {
data/ne-3.1.2/src/help.c:431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const EXEC_HELP[14] = {
data/ne-3.1.2/src/help.c:447:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const EXIT_HELP[12] = {
data/ne-3.1.2/src/help.c:461:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FASTGUI_HELP[19] = {
data/ne-3.1.2/src/help.c:482:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FIND_HELP[12] = {
data/ne-3.1.2/src/help.c:496:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FINDREGEXP_HELP[12] = {
data/ne-3.1.2/src/help.c:510:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FLAGS_HELP[35] = {
data/ne-3.1.2/src/help.c:547:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FLASH_HELP[6] = {
data/ne-3.1.2/src/help.c:555:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const FREEFORM_HELP[18] = {
data/ne-3.1.2/src/help.c:575:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const GOTOBOOKMARK_HELP[20] = {
data/ne-3.1.2/src/help.c:597:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const GOTOCOLUMN_HELP[8] = {
data/ne-3.1.2/src/help.c:607:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const GOTOLINE_HELP[10] = {
data/ne-3.1.2/src/help.c:619:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const GOTOMARK_HELP[9] = {
data/ne-3.1.2/src/help.c:630:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const HELP_HELP[14] = {
data/ne-3.1.2/src/help.c:646:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const HEXCODE_HELP[6] = {
data/ne-3.1.2/src/help.c:654:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const INSERT_HELP[12] = {
data/ne-3.1.2/src/help.c:668:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const INSERTCHAR_HELP[21] = {
data/ne-3.1.2/src/help.c:691:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const INSERTLINE_HELP[7] = {
data/ne-3.1.2/src/help.c:700:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const INSERTSTRING_HELP[12] = {
data/ne-3.1.2/src/help.c:714:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const INSERTTAB_HELP[7] = {
data/ne-3.1.2/src/help.c:723:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const KEYCODE_HELP[12] = {
data/ne-3.1.2/src/help.c:737:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const LINEDOWN_HELP[6] = {
data/ne-3.1.2/src/help.c:745:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const LINEUP_HELP[6] = {
data/ne-3.1.2/src/help.c:753:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const LOADAUTOPREFS_HELP[7] = {
data/ne-3.1.2/src/help.c:762:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const LOADPREFS_HELP[16] = {
data/ne-3.1.2/src/help.c:780:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MACRO_HELP[33] = {
data/ne-3.1.2/src/help.c:815:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MARK_HELP[12] = {
data/ne-3.1.2/src/help.c:829:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MARKVERT_HELP[21] = {
data/ne-3.1.2/src/help.c:852:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MATCHBRACKET_HELP[9] = {
data/ne-3.1.2/src/help.c:863:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MODIFIED_HELP[15] = {
data/ne-3.1.2/src/help.c:880:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEBOS_HELP[6] = {
data/ne-3.1.2/src/help.c:888:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEEOF_HELP[5] = {
data/ne-3.1.2/src/help.c:895:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEEOL_HELP[5] = {
data/ne-3.1.2/src/help.c:902:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEEOW_HELP[8] = {
data/ne-3.1.2/src/help.c:912:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEINCDOWN_HELP[9] = {
data/ne-3.1.2/src/help.c:923:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVEINCUP_HELP[9] = {
data/ne-3.1.2/src/help.c:934:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVELEFT_HELP[6] = {
data/ne-3.1.2/src/help.c:942:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVERIGHT_HELP[6] = {
data/ne-3.1.2/src/help.c:950:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVESOF_HELP[5] = {
data/ne-3.1.2/src/help.c:957:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVESOL_HELP[6] = {
data/ne-3.1.2/src/help.c:965:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const MOVETOS_HELP[5] = {
data/ne-3.1.2/src/help.c:972:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NAMECONVERT_HELP[10] = {
data/ne-3.1.2/src/help.c:984:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NEWDOC_HELP[8] = {
data/ne-3.1.2/src/help.c:994:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NEXTDOC_HELP[5] = {
data/ne-3.1.2/src/help.c:1001:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NEXTPAGE_HELP[8] = {
data/ne-3.1.2/src/help.c:1011:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NEXTWORD_HELP[6] = {
data/ne-3.1.2/src/help.c:1019:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NOFILEREQ_HELP[10] = {
data/ne-3.1.2/src/help.c:1031:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const NOP_HELP[5] = {
data/ne-3.1.2/src/help.c:1038:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const OPEN_HELP[18] = {
data/ne-3.1.2/src/help.c:1058:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const OPENCLIP_HELP[14] = {
data/ne-3.1.2/src/help.c:1074:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const OPENMACRO_HELP[14] = {
data/ne-3.1.2/src/help.c:1090:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const OPENNEW_HELP[6] = {
data/ne-3.1.2/src/help.c:1098:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PAGEDOWN_HELP[6] = {
data/ne-3.1.2/src/help.c:1106:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PAGEUP_HELP[6] = {
data/ne-3.1.2/src/help.c:1114:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PARAGRAPH_HELP[27] = {
data/ne-3.1.2/src/help.c:1143:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PASTE_HELP[7] = {
data/ne-3.1.2/src/help.c:1152:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PASTEVERT_HELP[7] = {
data/ne-3.1.2/src/help.c:1161:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PLAY_HELP[15] = {
data/ne-3.1.2/src/help.c:1178:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const POPPREFS_HELP[25] = {
data/ne-3.1.2/src/help.c:1205:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PRESERVECR_HELP[15] = {
data/ne-3.1.2/src/help.c:1222:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PREVDOC_HELP[5] = {
data/ne-3.1.2/src/help.c:1229:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PREVPAGE_HELP[8] = {
data/ne-3.1.2/src/help.c:1239:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PREVWORD_HELP[8] = {
data/ne-3.1.2/src/help.c:1249:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const PUSHPREFS_HELP[24] = {
data/ne-3.1.2/src/help.c:1275:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const QUIT_HELP[6] = {
data/ne-3.1.2/src/help.c:1283:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const READONLY_HELP[13] = {
data/ne-3.1.2/src/help.c:1298:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const RECORD_HELP[21] = {
data/ne-3.1.2/src/help.c:1321:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REDO_HELP[8] = {
data/ne-3.1.2/src/help.c:1331:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REFRESH_HELP[11] = {
data/ne-3.1.2/src/help.c:1344:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REPEATLAST_HELP[31] = {
data/ne-3.1.2/src/help.c:1377:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REPLACE_HELP[45] = {
data/ne-3.1.2/src/help.c:1424:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REPLACEALL_HELP[14] = {
data/ne-3.1.2/src/help.c:1440:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REPLACEONCE_HELP[10] = {
data/ne-3.1.2/src/help.c:1452:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const REQUESTORDER_HELP[15] = {
data/ne-3.1.2/src/help.c:1469:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const RIGHTMARGIN_HELP[12] = {
data/ne-3.1.2/src/help.c:1483:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVE_HELP[17] = {
data/ne-3.1.2/src/help.c:1502:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEALL_HELP[10] = {
data/ne-3.1.2/src/help.c:1514:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEAS_HELP[18] = {
data/ne-3.1.2/src/help.c:1534:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEAUTOPREFS_HELP[7] = {
data/ne-3.1.2/src/help.c:1543:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVECLIP_HELP[13] = {
data/ne-3.1.2/src/help.c:1558:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEDEFPREFS_HELP[6] = {
data/ne-3.1.2/src/help.c:1566:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEMACRO_HELP[20] = {
data/ne-3.1.2/src/help.c:1588:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SAVEPREFS_HELP[11] = {
data/ne-3.1.2/src/help.c:1601:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SEARCHBACK_HELP[14] = {
data/ne-3.1.2/src/help.c:1617:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SELECTDOC_HELP[24] = {
data/ne-3.1.2/src/help.c:1643:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SETBOOKMARK_HELP[17] = {
data/ne-3.1.2/src/help.c:1662:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SHIFT_HELP[21] = {
data/ne-3.1.2/src/help.c:1685:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SHIFTTABS_HELP[9] = {
data/ne-3.1.2/src/help.c:1696:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const STATUSBAR_HELP[22] = {
data/ne-3.1.2/src/help.c:1720:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SUSPEND_HELP[6] = {
data/ne-3.1.2/src/help.c:1728:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SYNTAX_HELP[46] = {
data/ne-3.1.2/src/help.c:1776:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const SYSTEM_HELP[10] = {
data/ne-3.1.2/src/help.c:1788:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TABS_HELP[17] = {
data/ne-3.1.2/src/help.c:1807:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TABSIZE_HELP[9] = {
data/ne-3.1.2/src/help.c:1818:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const THROUGH_HELP[15] = {
data/ne-3.1.2/src/help.c:1835:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TOGGLESEOF_HELP[10] = {
data/ne-3.1.2/src/help.c:1847:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TOGGLESEOL_HELP[10] = {
data/ne-3.1.2/src/help.c:1859:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TOLOWER_HELP[5] = {
data/ne-3.1.2/src/help.c:1866:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TOUPPER_HELP[15] = {
data/ne-3.1.2/src/help.c:1883:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const TURBO_HELP[29] = {
data/ne-3.1.2/src/help.c:1914:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UNDELLINE_HELP[15] = {
data/ne-3.1.2/src/help.c:1931:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UNDO_HELP[9] = {
data/ne-3.1.2/src/help.c:1942:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UNLOADMACROS_HELP[12] = {
data/ne-3.1.2/src/help.c:1956:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UNSETBOOKMARK_HELP[11] = {
data/ne-3.1.2/src/help.c:1969:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UTF8_HELP[20] = {
data/ne-3.1.2/src/help.c:1991:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UTF8AUTO_HELP[14] = {
data/ne-3.1.2/src/help.c:2007:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const UTF8IO_HELP[13] = {
data/ne-3.1.2/src/help.c:2022:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const VERBOSEMACROS_HELP[21] = {
data/ne-3.1.2/src/help.c:2045:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const VISUALBELL_HELP[10] = {
data/ne-3.1.2/src/help.c:2057:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const WORDWRAP_HELP[15] = {
data/ne-3.1.2/src/help.h:22:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ABOUT_HELP[ 7 ];
data/ne-3.1.2/src/help.h:23:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ADJUSTVIEW_HELP[ 26 ];
data/ne-3.1.2/src/help.h:24:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ALERT_HELP[ 5 ];
data/ne-3.1.2/src/help.h:25:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ATOMICUNDO_HELP[ 22 ];
data/ne-3.1.2/src/help.h:26:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const AUTOCOMPLETE_HELP[ 20 ];
data/ne-3.1.2/src/help.h:27:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const AUTOINDENT_HELP[ 22 ];
data/ne-3.1.2/src/help.h:28:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const AUTOMATCHBRACKET_HELP[ 11 ];
data/ne-3.1.2/src/help.h:29:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const AUTOPREFS_HELP[ 14 ];
data/ne-3.1.2/src/help.h:30:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const BACKSPACE_HELP[ 6 ];
data/ne-3.1.2/src/help.h:31:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const BEEP_HELP[ 6 ];
data/ne-3.1.2/src/help.h:32:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const BINARY_HELP[ 25 ];
data/ne-3.1.2/src/help.h:33:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CAPITALIZE_HELP[ 6 ];
data/ne-3.1.2/src/help.h:34:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CASESEARCH_HELP[ 12 ];
data/ne-3.1.2/src/help.h:35:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CENTER_HELP[ 8 ];
data/ne-3.1.2/src/help.h:36:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CLEAR_HELP[ 7 ];
data/ne-3.1.2/src/help.h:37:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CLIPNUMBER_HELP[ 11 ];
data/ne-3.1.2/src/help.h:38:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CLOSEDOC_HELP[ 7 ];
data/ne-3.1.2/src/help.h:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const COPY_HELP[ 10 ];
data/ne-3.1.2/src/help.h:40:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CRLF_HELP[ 15 ];
data/ne-3.1.2/src/help.h:41:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const CUT_HELP[ 5 ];
data/ne-3.1.2/src/help.h:42:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELETECHAR_HELP[ 10 ];
data/ne-3.1.2/src/help.h:43:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELETEEOL_HELP[ 10 ];
data/ne-3.1.2/src/help.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELETELINE_HELP[ 9 ];
data/ne-3.1.2/src/help.h:45:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELETENEXTWORD_HELP[ 8 ];
data/ne-3.1.2/src/help.h:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELETEPREVWORD_HELP[ 9 ];
data/ne-3.1.2/src/help.h:47:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DELTABS_HELP[ 9 ];
data/ne-3.1.2/src/help.h:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const DOUNDO_HELP[ 21 ];
data/ne-3.1.2/src/help.h:49:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ERASE_HELP[ 6 ];
data/ne-3.1.2/src/help.h:50:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ESCAPE_HELP[ 7 ];
data/ne-3.1.2/src/help.h:51:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const ESCAPETIME_HELP[ 16 ];
data/ne-3.1.2/src/help.h:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const EXEC_HELP[ 14 ];
data/ne-3.1.2/src/help.h:53:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const EXIT_HELP[ 12 ];
data/ne-3.1.2/src/help.h:54:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FASTGUI_HELP[ 19 ];
data/ne-3.1.2/src/help.h:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FIND_HELP[ 12 ];
data/ne-3.1.2/src/help.h:56:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FINDREGEXP_HELP[ 12 ];
data/ne-3.1.2/src/help.h:57:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FLAGS_HELP[ 35 ];
data/ne-3.1.2/src/help.h:58:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FLASH_HELP[ 6 ];
data/ne-3.1.2/src/help.h:59:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const FREEFORM_HELP[ 18 ];
data/ne-3.1.2/src/help.h:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const GOTOBOOKMARK_HELP[ 20 ];
data/ne-3.1.2/src/help.h:61:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const GOTOCOLUMN_HELP[ 8 ];
data/ne-3.1.2/src/help.h:62:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const GOTOLINE_HELP[ 10 ];
data/ne-3.1.2/src/help.h:63:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const GOTOMARK_HELP[ 9 ];
data/ne-3.1.2/src/help.h:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const HELP_HELP[ 14 ];
data/ne-3.1.2/src/help.h:65:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const HEXCODE_HELP[ 6 ];
data/ne-3.1.2/src/help.h:66:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const INSERT_HELP[ 12 ];
data/ne-3.1.2/src/help.h:67:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const INSERTCHAR_HELP[ 21 ];
data/ne-3.1.2/src/help.h:68:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const INSERTLINE_HELP[ 7 ];
data/ne-3.1.2/src/help.h:69:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const INSERTSTRING_HELP[ 12 ];
data/ne-3.1.2/src/help.h:70:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const INSERTTAB_HELP[ 7 ];
data/ne-3.1.2/src/help.h:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const KEYCODE_HELP[ 12 ];
data/ne-3.1.2/src/help.h:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const LINEDOWN_HELP[ 6 ];
data/ne-3.1.2/src/help.h:73:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const LINEUP_HELP[ 6 ];
data/ne-3.1.2/src/help.h:74:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const LOADAUTOPREFS_HELP[ 7 ];
data/ne-3.1.2/src/help.h:75:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const LOADPREFS_HELP[ 16 ];
data/ne-3.1.2/src/help.h:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MACRO_HELP[ 33 ];
data/ne-3.1.2/src/help.h:77:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MARK_HELP[ 12 ];
data/ne-3.1.2/src/help.h:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MARKVERT_HELP[ 21 ];
data/ne-3.1.2/src/help.h:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MATCHBRACKET_HELP[ 9 ];
data/ne-3.1.2/src/help.h:80:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MODIFIED_HELP[ 15 ];
data/ne-3.1.2/src/help.h:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEBOS_HELP[ 6 ];
data/ne-3.1.2/src/help.h:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEEOF_HELP[ 5 ];
data/ne-3.1.2/src/help.h:83:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEEOL_HELP[ 5 ];
data/ne-3.1.2/src/help.h:84:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEEOW_HELP[ 8 ];
data/ne-3.1.2/src/help.h:85:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEINCDOWN_HELP[ 9 ];
data/ne-3.1.2/src/help.h:86:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVEINCUP_HELP[ 9 ];
data/ne-3.1.2/src/help.h:87:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVELEFT_HELP[ 6 ];
data/ne-3.1.2/src/help.h:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVERIGHT_HELP[ 6 ];
data/ne-3.1.2/src/help.h:89:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVESOF_HELP[ 5 ];
data/ne-3.1.2/src/help.h:90:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVESOL_HELP[ 6 ];
data/ne-3.1.2/src/help.h:91:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const MOVETOS_HELP[ 5 ];
data/ne-3.1.2/src/help.h:92:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NAMECONVERT_HELP[ 10 ];
data/ne-3.1.2/src/help.h:93:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NEWDOC_HELP[ 8 ];
data/ne-3.1.2/src/help.h:94:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NEXTDOC_HELP[ 5 ];
data/ne-3.1.2/src/help.h:95:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NEXTPAGE_HELP[ 8 ];
data/ne-3.1.2/src/help.h:96:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NEXTWORD_HELP[ 6 ];
data/ne-3.1.2/src/help.h:97:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NOFILEREQ_HELP[ 10 ];
data/ne-3.1.2/src/help.h:98:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const NOP_HELP[ 5 ];
data/ne-3.1.2/src/help.h:99:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const OPEN_HELP[ 18 ];
data/ne-3.1.2/src/help.h:100:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const OPENCLIP_HELP[ 14 ];
data/ne-3.1.2/src/help.h:101:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const OPENMACRO_HELP[ 14 ];
data/ne-3.1.2/src/help.h:102:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const OPENNEW_HELP[ 6 ];
data/ne-3.1.2/src/help.h:103:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PAGEDOWN_HELP[ 6 ];
data/ne-3.1.2/src/help.h:104:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PAGEUP_HELP[ 6 ];
data/ne-3.1.2/src/help.h:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PARAGRAPH_HELP[ 27 ];
data/ne-3.1.2/src/help.h:106:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PASTE_HELP[ 7 ];
data/ne-3.1.2/src/help.h:107:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PASTEVERT_HELP[ 7 ];
data/ne-3.1.2/src/help.h:108:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PLAY_HELP[ 15 ];
data/ne-3.1.2/src/help.h:109:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const POPPREFS_HELP[ 25 ];
data/ne-3.1.2/src/help.h:110:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PRESERVECR_HELP[ 15 ];
data/ne-3.1.2/src/help.h:111:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PREVDOC_HELP[ 5 ];
data/ne-3.1.2/src/help.h:112:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PREVPAGE_HELP[ 8 ];
data/ne-3.1.2/src/help.h:113:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PREVWORD_HELP[ 8 ];
data/ne-3.1.2/src/help.h:114:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const PUSHPREFS_HELP[ 24 ];
data/ne-3.1.2/src/help.h:115:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const QUIT_HELP[ 6 ];
data/ne-3.1.2/src/help.h:116:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const READONLY_HELP[ 13 ];
data/ne-3.1.2/src/help.h:117:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const RECORD_HELP[ 21 ];
data/ne-3.1.2/src/help.h:118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REDO_HELP[ 8 ];
data/ne-3.1.2/src/help.h:119:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REFRESH_HELP[ 11 ];
data/ne-3.1.2/src/help.h:120:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REPEATLAST_HELP[ 31 ];
data/ne-3.1.2/src/help.h:121:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REPLACE_HELP[ 45 ];
data/ne-3.1.2/src/help.h:122:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REPLACEALL_HELP[ 14 ];
data/ne-3.1.2/src/help.h:123:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REPLACEONCE_HELP[ 10 ];
data/ne-3.1.2/src/help.h:124:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const REQUESTORDER_HELP[ 15 ];
data/ne-3.1.2/src/help.h:125:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const RIGHTMARGIN_HELP[ 12 ];
data/ne-3.1.2/src/help.h:126:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVE_HELP[ 17 ];
data/ne-3.1.2/src/help.h:127:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEALL_HELP[ 10 ];
data/ne-3.1.2/src/help.h:128:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEAS_HELP[ 18 ];
data/ne-3.1.2/src/help.h:129:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEAUTOPREFS_HELP[ 7 ];
data/ne-3.1.2/src/help.h:130:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVECLIP_HELP[ 13 ];
data/ne-3.1.2/src/help.h:131:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEDEFPREFS_HELP[ 6 ];
data/ne-3.1.2/src/help.h:132:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEMACRO_HELP[ 20 ];
data/ne-3.1.2/src/help.h:133:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SAVEPREFS_HELP[ 11 ];
data/ne-3.1.2/src/help.h:134:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SEARCHBACK_HELP[ 14 ];
data/ne-3.1.2/src/help.h:135:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SELECTDOC_HELP[ 24 ];
data/ne-3.1.2/src/help.h:136:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SETBOOKMARK_HELP[ 17 ];
data/ne-3.1.2/src/help.h:137:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SHIFT_HELP[ 21 ];
data/ne-3.1.2/src/help.h:138:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SHIFTTABS_HELP[ 9 ];
data/ne-3.1.2/src/help.h:139:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const STATUSBAR_HELP[ 22 ];
data/ne-3.1.2/src/help.h:140:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SUSPEND_HELP[ 6 ];
data/ne-3.1.2/src/help.h:141:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SYNTAX_HELP[ 46 ];
data/ne-3.1.2/src/help.h:142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const SYSTEM_HELP[ 10 ];
data/ne-3.1.2/src/help.h:143:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TABS_HELP[ 17 ];
data/ne-3.1.2/src/help.h:144:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TABSIZE_HELP[ 9 ];
data/ne-3.1.2/src/help.h:145:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const THROUGH_HELP[ 15 ];
data/ne-3.1.2/src/help.h:146:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TOGGLESEOF_HELP[ 10 ];
data/ne-3.1.2/src/help.h:147:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TOGGLESEOL_HELP[ 10 ];
data/ne-3.1.2/src/help.h:148:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TOLOWER_HELP[ 5 ];
data/ne-3.1.2/src/help.h:149:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TOUPPER_HELP[ 15 ];
data/ne-3.1.2/src/help.h:150:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const TURBO_HELP[ 29 ];
data/ne-3.1.2/src/help.h:151:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UNDELLINE_HELP[ 15 ];
data/ne-3.1.2/src/help.h:152:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UNDO_HELP[ 9 ];
data/ne-3.1.2/src/help.h:153:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UNLOADMACROS_HELP[ 12 ];
data/ne-3.1.2/src/help.h:154:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UNSETBOOKMARK_HELP[ 11 ];
data/ne-3.1.2/src/help.h:155:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UTF8_HELP[ 20 ];
data/ne-3.1.2/src/help.h:156:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UTF8AUTO_HELP[ 14 ];
data/ne-3.1.2/src/help.h:157:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const UTF8IO_HELP[ 13 ];
data/ne-3.1.2/src/help.h:158:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const VERBOSEMACROS_HELP[ 21 ];
data/ne-3.1.2/src/help.h:159:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const VISUALBELL_HELP[ 10 ];
data/ne-3.1.2/src/help.h:160:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const WORDWRAP_HELP[ 15 ];
data/ne-3.1.2/src/info2cap.c:140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tparam_buffer[TPARAM_BUF_LEN];
data/ne-3.1.2/src/info2cap.c:152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tparam_buffer, p, TPARAM_BUF_LEN - 1);
data/ne-3.1.2/src/info2cap.c:251:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (s = getenv("LINES")) l = atoi(s);
data/ne-3.1.2/src/info2cap.c:252:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (s = getenv("COLUMNS")) c = atoi(s);
data/ne-3.1.2/src/input.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char input_buffer[MAX_INPUT_LINE_LEN + 1];
data/ne-3.1.2/src/input.c:192:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t[MAX_INT_LEN];
data/ne-3.1.2/src/inputclass.c:24:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *input_class_names[INPUT_CLASS_COUNT] = {
data/ne-3.1.2/src/inputclass.c:40:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *key_binding[NUM_KEYS] = {
data/ne-3.1.2/src/inputclass.c:404:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char meta_prefixed[128][3] = {
data/ne-3.1.2/src/inputclass.c:535:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *key_stroke[NUM_KEYS] = {
data/ne-3.1.2/src/keys.c:154:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char meta_prefixed[128][3];
data/ne-3.1.2/src/keys.c:433:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char kbd_buffer[KBD_BUF_SIZE];
data/ne-3.1.2/src/menu.c:320:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen("ne_test_dump_config", "w")) ) return ERROR;
data/ne-3.1.2/src/menu.c:558:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char string[MAX_FLAG_STRING_SIZE];
data/ne-3.1.2/src/menu.c:623:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bar_buffer[MAX_BAR_BUFFER_SIZE];
data/ne-3.1.2/src/menu.c:624:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char flag_string[MAX_FLAG_STRING_SIZE];
data/ne-3.1.2/src/menu.c:672:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(bar_buffer, "%3d", percent);
data/ne-3.1.2/src/menu.c:743:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg_cache[MAX_MESSAGE_LENGTH];
data/ne-3.1.2/src/names.c:461:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const command_names[ACTION_COUNT+1] = {
data/ne-3.1.2/src/names.h:451:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const command_names[ACTION_COUNT+1];
data/ne-3.1.2/src/ne.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[256] = ABOUT_MSG " Global directory";
data/ne-3.1.2/src/ne.c:283:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcat(strcpy(new_not_found, "Not Found. (RepeatLast with "), repeat_last_keystroke), " to wrap.)");
data/ne-3.1.2/src/ne.c:283:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcat(strcat(strcpy(new_not_found, "Not Found. (RepeatLast with "), repeat_last_keystroke), " to wrap.)");
data/ne-3.1.2/src/prefs.c:336:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char virt_name[strlen(VIRTUAL_EXT_NAME_G) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:343:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char virt_name[strlen(VIRTUAL_EXT_NAME) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:500:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[120];
data/ne-3.1.2/src/prefs.c:502:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "PushPrefs failed, stack is full. %d prefs now on stack.", pstack.pcount);
data/ne-3.1.2/src/prefs.c:508:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "User Prefs Pushed, %d Prefs now on stack.", pstack.pcount);
data/ne-3.1.2/src/prefs.c:514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[120];
data/ne-3.1.2/src/prefs.c:516:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "PopPrefs failed, stack is empty.");
data/ne-3.1.2/src/prefs.c:522:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "User Prefs Popped, %d Prefs remain on stack.", pstack.pcount);
data/ne-3.1.2/src/regcomp.c:318:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MB_LEN_MAX];
data/ne-3.1.2/src/regcomp.c:401:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ne-3.1.2/src/regcomp.c:553:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (errbuf, msg, cpy_size);
data/ne-3.1.2/src/regcomp.c:3171:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char start_name_buf[BRACKET_NAME_BUF_SIZE];
data/ne-3.1.2/src/regcomp.c:3172:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char end_name_buf[BRACKET_NAME_BUF_SIZE];
data/ne-3.1.2/src/regcomp.c:3494:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char char_buf[2];
data/ne-3.1.2/src/regex.h:645:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *_Restrict_ __string, size_t __nmatch,
data/ne-3.1.2/src/regex_internal.c:205:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MB_LEN_MAX];
data/ne-3.1.2/src/regex_internal.c:208:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/ne-3.1.2/src/regex_internal.c:277:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX];
data/ne-3.1.2/src/regex_internal.c:280:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ne-3.1.2/src/regex_internal.c:321:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx, buf, mbclen);
data/ne-3.1.2/src/regex_internal.c:329:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx,
data/ne-3.1.2/src/regex_internal.c:390:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx, buf, mbclen);
data/ne-3.1.2/src/regex_internal.c:415:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx, buf, mbcdlen);
data/ne-3.1.2/src/regex_internal.c:434:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx, p, mbclen);
data/ne-3.1.2/src/regex_internal.c:437:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pstr->mbs + byte_idx, p, mbclen);
data/ne-3.1.2/src/regex_internal.c:733:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[6];
data/ne-3.1.2/src/regex_internal.c:1037:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems, src->elems, src->nelem * sizeof (Idx));
data/ne-3.1.2/src/regex_internal.c:1131:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems, dest->elems + sbase, delta * sizeof (Idx));
data/ne-3.1.2/src/regex_internal.c:1175:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems + id, src1->elems + i1,
data/ne-3.1.2/src/regex_internal.c:1181:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems + id, src2->elems + i2,
data/ne-3.1.2/src/regex_internal.c:1212:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems, src->elems, src->nelem * sizeof (Idx));
data/ne-3.1.2/src/regex_internal.c:1233:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems + sbase, src->elems, (is + 1) * sizeof (Idx));
data/ne-3.1.2/src/regex_internal.c:1261:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest->elems, dest->elems + sbase,
data/ne-3.1.2/src/regex_internal.h:801:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest, src, sizeof (bitset_t));
data/ne-3.1.2/src/regexec.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__mempcpy (s, string1, length1), string2, length2);
data/ne-3.1.2/src/regexec.c:374:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s, string1, length1);
data/ne-3.1.2/src/regexec.c:375:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + length1, string2, length2);
data/ne-3.1.2/src/regexec.c:1381:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (fs->stack[num].regs, regs, sizeof (regmatch_t) * nregs);
data/ne-3.1.2/src/regexec.c:1394:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (regs, fs->stack[num].regs, sizeof (regmatch_t) * nregs);
data/ne-3.1.2/src/regexec.c:1448:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (prev_idx_match, pmatch, sizeof (regmatch_t) * nmatch);
data/ne-3.1.2/src/regexec.c:1558:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (prev_idx_match, pmatch, sizeof (regmatch_t) * nmatch);
data/ne-3.1.2/src/regexec.c:1569:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pmatch, prev_idx_match, sizeof (regmatch_t) * nmatch);
data/ne-3.1.2/src/request.c:454:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rl.entries, rlp0->entries, rl.cur_entries * sizeof(char *));
data/ne-3.1.2/src/request.c:777:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char syn_dir_name[512];
data/ne-3.1.2/src/search.c:60:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char localised_up_case[256];
data/ne-3.1.2/src/search.c:65:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char ascii_up_case[256] = {
data/ne-3.1.2/src/search.c:512:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, ld->line + re_reg.start[i], re_reg.end[i] - re_reg.start[i]);
data/ne-3.1.2/src/search.c:576:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t, b->cur_line_desc->line + re_reg.start[0], re_reg.end[0] - re_reg.start[0]);
data/ne-3.1.2/src/streams.c:97:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cs->stream + cs->len, s, len);
data/ne-3.1.2/src/streams.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cs->stream + pos, s, len);
data/ne-3.1.2/src/streams.c:196:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, READ_FLAGS);
data/ne-3.1.2/src/streams.c:265:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open(name, WRITE_FLAGS, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
data/ne-3.1.2/src/support.c:159:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(c, "../");
data/ne-3.1.2/src/support.c:312:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t, filename + 1, s - filename - 1);
data/ne-3.1.2/src/support.c:355:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dup, s, len + 1);
data/ne-3.1.2/src/support.c:549:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192];
data/ne-3.1.2/src/support.c:566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192] = {};
data/ne-3.1.2/src/support.c:595:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[16] = ".ne-mmap-XXXXXX";
data/ne-3.1.2/src/support.c:596:25: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int mapped_fd = mkstemp(template);
data/ne-3.1.2/src/support.c:681:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[16];
data/ne-3.1.2/src/syn_types.h:104:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char saved_s[24]; /* Buffer for saved delimiters */
data/ne-3.1.2/src/syn_utf8.h:37:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8]; /* Record of sequence */
data/ne-3.1.2/src/syn_utils.c:106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,bf,size+1);
data/ne-3.1.2/src/syn_utils.c:204:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zs.s,s,len);
data/ne-3.1.2/src/syn_utils.c:301:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*buf = atoi((char *)p);
data/ne-3.1.2/src/syn_utils.c:318:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*buf = atol((char *)p);
data/ne-3.1.2/src/syn_utils.c:378:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/ne-3.1.2/src/syntax.c:130:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(s[0]=='f' && s[1]=='g' && s[2]=='_' && atoi((char *)(s+3)) >= 0 && atoi((char *)(s+3)) <= 23)
data/ne-3.1.2/src/syntax.c:130:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(s[0]=='f' && s[1]=='g' && s[2]=='_' && atoi((char *)(s+3)) >= 0 && atoi((char *)(s+3)) <= 23)
data/ne-3.1.2/src/syntax.c:131:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return FG_NOT_DEFAULT | (232 + (atoi((char *)(s+3)) << FG_SHIFT));
data/ne-3.1.2/src/syntax.c:133:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(s[0]=='b' && s[1]=='g' && s[2]=='_' && atoi((char *)(s+3)) >= 0 && atoi((char *)(s+3)) <= 23)
data/ne-3.1.2/src/syntax.c:133:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(s[0]=='b' && s[1]=='g' && s[2]=='_' && atoi((char *)(s+3)) >= 0 && atoi((char *)(s+3)) <= 23)
data/ne-3.1.2/src/syntax.c:134:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return BG_NOT_DEFAULT | (232 + (atoi((char *)(s+3)) << BG_SHIFT));
data/ne-3.1.2/src/syntax.c:144:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[32];
data/ne-3.1.2/src/syntax.c:188:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[24]; /* Name buffer (trunc after 23 characters) */
data/ne-3.1.2/src/syntax.c:189:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lbuf[24]; /* Lower case version of name buffer */
data/ne-3.1.2/src/syntax.c:190:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lsaved_s[24]; /* Lower case version of delimiter match buffer */
data/ne-3.1.2/src/syntax.c:474:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/ne-3.1.2/src/syntax.c:488:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/ne-3.1.2/src/syntax.c:528:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/ne-3.1.2/src/syntax.c:595:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/ne-3.1.2/src/syntax.c:596:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/ne-3.1.2/src/syntax.c:597:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf1[256];
data/ne-3.1.2/src/syntax.c:696:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[1024];
data/ne-3.1.2/src/syntax.c:697:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/ne-3.1.2/src/syntax.c:698:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[256];
data/ne-3.1.2/src/syntax.c:714:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)name,"r");
data/ne-3.1.2/src/syntax.c:719:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen((char *)name,"r");
data/ne-3.1.2/src/term.c:733:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t[8];
data/ne-3.1.2/src/term.c:836:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t[8];
data/ne-3.1.2/src/termcap.c:26:14: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#if !defined(bcopy)
data/ne-3.1.2/src/termcap.c:27:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(s, d, n) memcpy ((d), (s), (n))
data/ne-3.1.2/src/termcap.c:27:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(s, d, n) memcpy ((d), (s), (n))
data/ne-3.1.2/src/termcap.c:122:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (ptr);
data/ne-3.1.2/src/termcap.c:377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char esa[NAM$C_MAXRSS];
data/ne-3.1.2/src/termcap.c:495:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (termcap_name, O_RDONLY|O_TEXT, 0);
data/ne-3.1.2/src/termcap.c:497:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (termcap_name, O_RDONLY, 0);
data/ne-3.1.2/src/termcap.c:715:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy (bufp->ptr, buf, bufp->full -= bufp->ptr - buf);
data/ne-3.1.2/src/tparam.c:26:14: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#if !defined(bcopy)
data/ne-3.1.2/src/tparam.c:27:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(s, d, n) memcpy ((d), (s), (n))
data/ne-3.1.2/src/tparam.c:27:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(s, d, n) memcpy ((d), (s), (n))
data/ne-3.1.2/src/tparam.c:100:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tgoto_buf[50];
data/ne-3.1.2/src/tparam.c:148:8: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy (outstring, new, offset);
data/ne-3.1.2/src/tparam.c:309:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ne-3.1.2/src/tparam.c:311:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
args[0] = atoi (argv[2]);
data/ne-3.1.2/src/tparam.c:312:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
args[1] = atoi (argv[3]);
data/ne-3.1.2/src/tparam.c:313:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
args[2] = atoi (argv[4]);
data/ne-3.1.2/src/trace.c:6:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_trace = fopen("trace.out", "w");
data/ne-3.1.2/src/undo.c:149:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ub->streams[ub->cur_stream], p, len);
data/ne-3.1.2/src/#buffer.c:1136:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return insert_stream(b, ld, line, pos, t, strlen(t));
data/ne-3.1.2/src/#buffer.c:1425:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, buffer, to_do);
data/ne-3.1.2/src/#buffer.c:1448:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, p, to_do);
data/ne-3.1.2/src/#buffer.c:1482:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, p, to_do);
data/ne-3.1.2/src/#buffer.c:1951:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p = malloc(strlen(file_part(b->filename)) + )) {
data/ne-3.1.2/src/#buffer.c:1952:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(p, "#");
data/ne-3.1.2/src/actions.c:520:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoding_type encoding = detect_encoding(p, strlen(p));
data/ne-3.1.2/src/actions.c:1008:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type encoding = detect_encoding(p, strlen(p));
data/ne-3.1.2/src/actions.c:1037:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type search_encoding = detect_encoding(q, strlen(q));
data/ne-3.1.2/src/actions.c:1052:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type replace_encoding = detect_encoding(p, strlen(p));
data/ne-3.1.2/src/actions.c:1087:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else error = replace(b, strlen(b->find_string), p);
data/ne-3.1.2/src/actions.c:1159:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type search_encoding = detect_encoding(b->find_string, strlen(b->find_string));
data/ne-3.1.2/src/actions.c:1162:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type replace_encoding = detect_encoding(b->replace_string, strlen(b->replace_string));
data/ne-3.1.2/src/actions.c:1179:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else error = replace(b, strlen(b->find_string), b->replace_string);
data/ne-3.1.2/src/actions.c:1613:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmpnam1[strlen(P_tmpdir)+strlen(NE_TMP)+2], tmpnam2[strlen(P_tmpdir)+strlen(NE_TMP)+2], *command;
data/ne-3.1.2/src/actions.c:1613:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmpnam1[strlen(P_tmpdir)+strlen(NE_TMP)+2], tmpnam2[strlen(P_tmpdir)+strlen(NE_TMP)+2], *command;
data/ne-3.1.2/src/actions.c:1613:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmpnam1[strlen(P_tmpdir)+strlen(NE_TMP)+2], tmpnam2[strlen(P_tmpdir)+strlen(NE_TMP)+2], *command;
data/ne-3.1.2/src/actions.c:1613:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmpnam1[strlen(P_tmpdir)+strlen(NE_TMP)+2], tmpnam2[strlen(P_tmpdir)+strlen(NE_TMP)+2], *command;
data/ne-3.1.2/src/actions.c:1615:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(strcpy(tmpnam1, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1616:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(strcpy(tmpnam2, P_tmpdir), "/"), NE_TMP);
data/ne-3.1.2/src/actions.c:1626:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (command = malloc(strlen(p) + strlen(tmpnam1) + strlen(tmpnam2) + 16)) {
data/ne-3.1.2/src/actions.c:1626:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (command = malloc(strlen(p) + strlen(tmpnam1) + strlen(tmpnam2) + 16)) {
data/ne-3.1.2/src/actions.c:1626:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (command = malloc(strlen(p) + strlen(tmpnam1) + strlen(tmpnam2) + 16)) {
data/ne-3.1.2/src/autocomp.c:52:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, s, cplen);
data/ne-3.1.2/src/autocomp.c:59:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int p_len = strlen(p);
data/ne-3.1.2/src/autocomp.c:103:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int max_len = 0, min_len = INT_MAX, prefix_len = strlen(p);
data/ne-3.1.2/src/autocomp.c:133:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l = strlen(rl.entries[i]);
data/ne-3.1.2/src/autocomp.c:147:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rl.entries[rl.cur_entries/2][strlen(rl.entries[rl.cur_entries/2]) - 1] == EXTERNAL_FLAG_CHAR) rl.entries[rl.cur_entries/2][strlen(rl.entries[rl.cur_entries/2]) - 1] = 0;
data/ne-3.1.2/src/autocomp.c:147:130: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rl.entries[rl.cur_entries/2][strlen(rl.entries[rl.cur_entries/2]) - 1] == EXTERNAL_FLAG_CHAR) rl.entries[rl.cur_entries/2][strlen(rl.entries[rl.cur_entries/2]) - 1] = 0;
data/ne-3.1.2/src/autocomp.c:158:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int m = strlen(rl.entries[0]);
data/ne-3.1.2/src/autocomp.c:171:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, rl.entries[0], m);
data/ne-3.1.2/src/autocomp.c:181:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rl.entries[result][strlen(rl.entries[result]) - 1] == EXTERNAL_FLAG_CHAR) rl.entries[result][strlen(rl.entries[result]) - 1] = 0;
data/ne-3.1.2/src/autocomp.c:181:102: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rl.entries[result][strlen(rl.entries[result]) - 1] == EXTERNAL_FLAG_CHAR) rl.entries[result][strlen(rl.entries[result]) - 1] = 0;
data/ne-3.1.2/src/buffer.c:874:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return insert_stream(b, ld, line, pos, t, strlen(t));
data/ne-3.1.2/src/buffer.c:1163:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, buffer, to_do);
data/ne-3.1.2/src/buffer.c:1186:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, p, to_do);
data/ne-3.1.2/src/buffer.c:1220:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(fd, p, to_do);
data/ne-3.1.2/src/buffer.c:1654:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p = malloc(strlen(file_part(b->filename)) + 2)) {
data/ne-3.1.2/src/buffer.c:1655:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(p, "#");
data/ne-3.1.2/src/command.c:276:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(p);
data/ne-3.1.2/src/command.c:297:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p);
data/ne-3.1.2/src/command.c:337:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoding_type encoding = detect_encoding(command_line, strlen(command_line));
data/ne-3.1.2/src/command.c:390:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p && *p) add_to_stream(cs, p, strlen(p) + 1);
data/ne-3.1.2/src/command.c:395:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (verbose) add_to_stream(cs, commands[a].name, strlen(commands[a].name));
data/ne-3.1.2/src/command.c:396:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else add_to_stream(cs, commands[a].short_name, strlen(commands[a].short_name));
data/ne-3.1.2/src/command.c:400:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_to_stream(cs, t, strlen(t));
data/ne-3.1.2/src/command.c:405:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_to_stream(cs, p, strlen(p));
data/ne-3.1.2/src/command.c:458:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(&cs->stream[pos]) + 1;
data/ne-3.1.2/src/command.c:475:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (int64_t pos = 0; pos < cs->len; pos += strlen(&cs->stream[pos]) + 1) {
data/ne-3.1.2/src/command.c:479:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delete_from_stream(cs, pos, strlen(cmd) + 1);
data/ne-3.1.2/src/command.c:487:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int64_t len = strlen(insert);
data/ne-3.1.2/src/command.c:539:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p) + 1;
data/ne-3.1.2/src/command.c:567:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cs && (prefs_dir = exists_prefs_dir()) && (macro_dir = malloc(strlen(prefs_dir) + 2 + strlen(name)))) {
data/ne-3.1.2/src/command.c:567:93: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cs && (prefs_dir = exists_prefs_dir()) && (macro_dir = malloc(strlen(prefs_dir) + 2 + strlen(name)))) {
data/ne-3.1.2/src/command.c:573:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cs && (prefs_dir = exists_gprefs_dir()) && (macro_dir = malloc(strlen(prefs_dir) + 2 + strlen(name) + 7))) {
data/ne-3.1.2/src/command.c:573:94: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cs && (prefs_dir = exists_gprefs_dir()) && (macro_dir = malloc(strlen(prefs_dir) + 2 + strlen(name) + 7))) {
data/ne-3.1.2/src/command.c:586:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int h = hash_macro(md->name, strlen(md->name));
data/ne-3.1.2/src/command.c:615:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int h = hash_macro(p, strlen(p));
data/ne-3.1.2/src/command.c:626:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_to_stream(b->cur_macro, md->name, strlen(md->name)+1);
data/ne-3.1.2/src/command.c:631:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_to_stream(b->cur_macro, md->name, strlen(md->name)+1);
data/ne-3.1.2/src/command.c:663:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((!strncasecmp(commands[c].short_name, key_binding[i], strlen(commands[c].short_name))) &&
data/ne-3.1.2/src/command.c:664:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((!key_binding[i][strlen(commands[c].short_name)] ) ||
data/ne-3.1.2/src/command.c:665:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(key_binding[i][strlen(commands[c].short_name)] == ' ')
data/ne-3.1.2/src/command.c:668:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((!strncasecmp(commands[c].name, key_binding[i], strlen(commands[c].name))) &&
data/ne-3.1.2/src/command.c:669:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((!key_binding[i][strlen(commands[c].name)] ) ||
data/ne-3.1.2/src/command.c:670:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(key_binding[i][strlen(commands[c].name)] == ' ')
data/ne-3.1.2/src/command.c:679:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p = realloc(str, strlen(str) + strlen(key_stroke[i]) + 2)) {
data/ne-3.1.2/src/command.c:679:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p = realloc(str, strlen(str) + strlen(key_stroke[i]) + 2)) {
data/ne-3.1.2/src/command.c:695:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((str = malloc(strlen(key_strokes) + 16)))
data/ne-3.1.2/src/command.c:723:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(r = 0; r < strlen(p); r++) if (isasciispace((unsigned char)p[r])) break;
data/ne-3.1.2/src/input.c:98:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return start_x = strlen(prior_prompt) + 2;
data/ne-3.1.2/src/input.c:288:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(str) + 1);
data/ne-3.1.2/src/input.c:334:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, &input_buffer[prefix_pos], pos - prefix_pos);
data/ne-3.1.2/src/input.c:341:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoding_type ac_encoding = detect_encoding(p, strlen(p));
data/ne-3.1.2/src/input.c:353:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ac_len = strlen(p);
data/ne-3.1.2/src/input.c:537:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&input_buffer[pos], cd->cs->stream, paste_len);
data/ne-3.1.2/src/input.c:553:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(input_buffer, default_string, MAX_INPUT_LINE_LEN);
data/ne-3.1.2/src/input.c:554:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(input_buffer);
data/ne-3.1.2/src/input.c:669:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (completion && (prefix - input_buffer) + strlen(completion) + 1 < MAX_INPUT_LINE_LEN) {
data/ne-3.1.2/src/input.c:670:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const encoding_type completion_encoding = detect_encoding(completion, strlen(completion));
data/ne-3.1.2/src/input.c:673:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (quoted) strcat(prefix, "\"");
data/ne-3.1.2/src/input.c:674:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(input_buffer);
data/ne-3.1.2/src/input.c:684:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (quoted) strcat(prefix, "\"");
data/ne-3.1.2/src/input.c:734:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(input_buffer,
data/ne-3.1.2/src/input.c:738:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(input_buffer);
data/ne-3.1.2/src/keys.c:522:7: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/ne-3.1.2/src/menu.c:507:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(menus[n].text);
data/ne-3.1.2/src/menu.c:647:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const bool update_filename = strlen(flag_string) != strlen(p);
data/ne-3.1.2/src/menu.c:647:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const bool update_filename = strlen(flag_string) != strlen(p);
data/ne-3.1.2/src/menu.c:708:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int encoding = detect_encoding(cur_buffer->filename, strlen(cur_buffer->filename));
data/ne-3.1.2/src/menu.c:709:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pos = 0, width = get_string_width(cur_buffer->filename, strlen(cur_buffer->filename), encoding);
data/ne-3.1.2/src/menu.c:747:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_cache, message, MAX_MESSAGE_LENGTH);
data/ne-3.1.2/src/menu.c:763:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_spaces(ne_columns - strlen(msg_cache), NULL);
data/ne-3.1.2/src/menu.c:939:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const menu_conf = malloc(strlen(prefs_dir) + strlen(menu_conf_name) + 1);
data/ne-3.1.2/src/menu.c:939:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const menu_conf = malloc(strlen(prefs_dir) + strlen(menu_conf_name) + 1);
data/ne-3.1.2/src/menu.c:968:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else new_menus[cur_menu].xpos = new_menus[cur_menu - 1].xpos + strlen(new_menus[cur_menu - 1].text) + 1;
data/ne-3.1.2/src/menu.c:989:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (num_items_in_menu == 0 || strlen(new_items[cur_item].text) == new_menus[cur_menu].width) {
data/ne-3.1.2/src/menu.c:991:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((new_menus[cur_menu].width = strlen(new_items[cur_item].text)) == 0)
data/ne-3.1.2/src/menu.c:1013:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p) + 1;
data/ne-3.1.2/src/menu.c:1053:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const key_bindings = malloc(strlen(prefs_dir) + strlen(key_bindings_name) + 1);
data/ne-3.1.2/src/menu.c:1053:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const key_bindings = malloc(strlen(prefs_dir) + strlen(key_bindings_name) + 1);
data/ne-3.1.2/src/menu.c:1086:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (parse_string((unsigned char **)&p, (unsigned char *)buf, strlen(p)) > 0) { /* parse_string() expects double-quoted string. */
data/ne-3.1.2/src/menu.c:1104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p) + 1;
data/ne-3.1.2/src/ne.c:181:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
re_compile_pattern(LOCALE_REGEX, strlen(LOCALE_REGEX), &re_pb);
data/ne-3.1.2/src/ne.c:182:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (re_search(&re_pb, locale, strlen(locale), 0, strlen(locale), &re_reg) >= 0) {
data/ne-3.1.2/src/ne.c:182:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (re_search(&re_pb, locale, strlen(locale), 0, strlen(locale), &re_reg) >= 0) {
data/ne-3.1.2/src/ne.c:282:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((new_not_found = malloc(39+strlen(repeat_last_keystroke)))) {
data/ne-3.1.2/src/prefs.c:62:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(int i = strlen(filename); i-- != 0;) {
data/ne-3.1.2/src/prefs.c:93:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefs_dir = malloc(strlen(home_dir) + strlen(PREFS_DIR) + 3)) {
data/ne-3.1.2/src/prefs.c:93:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefs_dir = malloc(strlen(home_dir) + strlen(PREFS_DIR) + 3)) {
data/ne-3.1.2/src/prefs.c:95:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(strcpy(prefs_dir, home_dir), "/"), PREFS_DIR);
data/ne-3.1.2/src/prefs.c:109:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
return strcat(prefs_dir, "/");
data/ne-3.1.2/src/prefs.c:132:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((global_dir = get_global_dir()) && (gprefs_dir = malloc(strlen(global_dir) + 3 ))) {
data/ne-3.1.2/src/prefs.c:143:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
return strcat(gprefs_dir, "/");
data/ne-3.1.2/src/prefs.c:336:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char virt_name[strlen(VIRTUAL_EXT_NAME_G) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:336:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char virt_name[strlen(VIRTUAL_EXT_NAME_G) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:343:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char virt_name[strlen(VIRTUAL_EXT_NAME) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:343:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char virt_name[strlen(VIRTUAL_EXT_NAME) + strlen(prefs_dir) + 1];
data/ne-3.1.2/src/prefs.c:443:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/prefs.c:443:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/prefs.c:443:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/prefs.c:454:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/prefs.c:454:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/prefs.c:454:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (auto_name = malloc(strlen(ext) + strlen(prefs_dir) + strlen(PREF_FILE_SUFFIX) + 2)) {
data/ne-3.1.2/src/regcomp.c:497:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = re_compile_internal (preg, pattern, strlen (pattern), syntax);
data/ne-3.1.2/src/regcomp.c:543:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_size = strlen (msg) + 1; /* Includes the null. */
data/ne-3.1.2/src/regcomp.c:714:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = re_compile_internal (&re_comp_buf, s, strlen (s), re_syntax_options);
data/ne-3.1.2/src/regcomp.c:782:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (dfa->re_str, pattern, length + 1);
data/ne-3.1.2/src/regcomp.c:2721:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen ((char *) start_elem->opr.name) > 1)
data/ne-3.1.2/src/regcomp.c:2723:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen ((char *) end_elem->opr.name) > 1), 0))
data/ne-3.1.2/src/regcomp.c:2830:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen ((const char *) name);
data/ne-3.1.2/src/regcomp.c:2911:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sym_name_len = strlen ((char *) br_elem->opr.name);
data/ne-3.1.2/src/regcomp.c:3042:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen ((const char *) name);
data/ne-3.1.2/src/regcomp.c:3560:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (BE (strlen ((const char *) name) != 1, 0))
data/ne-3.1.2/src/regexec.c:240:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen (string);
data/ne-3.1.2/src/request.c:122:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p0);
data/ne-3.1.2/src/request.c:147:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rl.suffix) set_attr(p[strlen(p) - 1] == rl.suffix ? BOLD : 0);
data/ne-3.1.2/src/request.c:324:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len > strlen(p0)) return 1;
data/ne-3.1.2/src/request.c:340:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (fuzz_len < strlen(p0) && count_fuzz_matches(fuzz_len) == count_fuzz_matches(fuzz_len+1)) fuzz_len++;
data/ne-3.1.2/src/request.c:413:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (! cmp && strlen(p1) > fuzz_len && localised_up_case[(unsigned char)p1[fuzz_len]] == c) {
data/ne-3.1.2/src/request.c:430:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cmp && strlen(p1) > fuzz_len && localised_up_case[(unsigned char)p1[fuzz_len]] == c) {
data/ne-3.1.2/src/request.c:530:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fuzz_len = min(fuzz_len, strlen(rl.entries[n]));
data/ne-3.1.2/src/request.c:737:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = malloc(strlen(dir_name) + strlen(cur_prefix) + 2);
data/ne-3.1.2/src/request.c:737:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = malloc(strlen(dir_name) + strlen(cur_prefix) + 2);
data/ne-3.1.2/src/request.c:753:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int extlen = strlen(SYNTAX_EXT);
data/ne-3.1.2/src/request.c:758:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(de->d_name);
data/ne-3.1.2/src/request.c:783:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = exists_prefs_dir()) && strlen(p) + 2 + strlen(SYNTAX_DIR) < sizeof syn_dir_name) {
data/ne-3.1.2/src/request.c:783:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = exists_prefs_dir()) && strlen(p) + 2 + strlen(SYNTAX_DIR) < sizeof syn_dir_name) {
data/ne-3.1.2/src/request.c:790:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = exists_gprefs_dir()) && strlen(p) + 2 + strlen(SYNTAX_DIR) < sizeof syn_dir_name) {
data/ne-3.1.2/src/request.c:790:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = exists_gprefs_dir()) && strlen(p) + 2 + strlen(SYNTAX_DIR) < sizeof syn_dir_name) {
data/ne-3.1.2/src/request.c:802:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p = malloc(strlen(q)+3)) {
data/ne-3.1.2/src/request.c:804:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p[strlen(p)-1] == rl.suffix) p[strlen(p)-1] = '\0';
data/ne-3.1.2/src/request.c:804:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p[strlen(p)-1] == rl.suffix) p[strlen(p)-1] = '\0';
data/ne-3.1.2/src/request.c:806:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p + 1, p, strlen(p) + 1);
data/ne-3.1.2/src/request.c:867:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p[strlen(p) - 1] == '/' && t >= 0) {
data/ne-3.1.2/src/request.c:868:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen(p) - 1] = 0;
data/ne-3.1.2/src/request.c:874:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = ne_getcwd(CUR_DIR_MAX_SIZE + strlen(p) + 2);
data/ne-3.1.2/src/request.c:875:32: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (strcmp(result, "/")) strcat(result, "/");
data/ne-3.1.2/src/request.c:883:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(result + 1, result, strlen(result) + 1);
data/ne-3.1.2/src/request.c:1044:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len0 = strlen(str);
data/ne-3.1.2/src/request.c:1071:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(rl->entries[i])) > rl->max_entry_len)
data/ne-3.1.2/src/request.c:1132:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(rl->entries[i]);
data/ne-3.1.2/src/request.c:1154:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(str);
data/ne-3.1.2/src/search.c:111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int m = strlen(pattern);
data/ne-3.1.2/src/search.c:232:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ne-3.1.2/src/search.c:300:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!regex || !strlen(regex)) return ERROR;
data/ne-3.1.2/src/search.c:364:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
actual_regex = q = malloc(strlen(regex) + 1 + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:364:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
actual_regex = q = malloc(strlen(regex) + 1 + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:364:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
actual_regex = q = malloc(strlen(regex) + 1 + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:364:121: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
actual_regex = q = malloc(strlen(regex) + 1 + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:374:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q += strlen(UTF8NONWORD);
data/ne-3.1.2/src/search.c:388:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q += strlen(UTF8DOT);
data/ne-3.1.2/src/search.c:401:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q += strlen(UTF8COMP);
data/ne-3.1.2/src/search.c:420:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(actual_regex) == strlen(regex) + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:420:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(actual_regex) == strlen(regex) + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:420:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(actual_regex) == strlen(regex) + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:420:83: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(actual_regex) == strlen(regex) + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:420:122: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(actual_regex) == strlen(regex) + (strlen(UTF8DOT) - 1) * dots + (strlen(UTF8NONWORD) - 2) * nonwords + (strlen(UTF8COMP) - 1) * comps);
data/ne-3.1.2/src/search.c:423:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * p = re_compile_pattern(actual_regex, strlen(actual_regex), &re_pb);
data/ne-3.1.2/src/search.c:541:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p);
data/ne-3.1.2/src/search.c:551:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(q, q + 1, strlen(q + 1) + 1);
data/ne-3.1.2/src/search.c:598:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(q)) {
data/ne-3.1.2/src/search.c:599:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert_stream(b, b->cur_line_desc, b->cur_line, b->cur_pos + pos, q, strlen(q));
data/ne-3.1.2/src/search.c:600:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(q);
data/ne-3.1.2/src/search.c:603:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q += strlen(q) + 1;
data/ne-3.1.2/src/support.c:65:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p, p+1, strlen(p));
data/ne-3.1.2/src/support.c:74:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(t, p+2, strlen(p+2)+1);
data/ne-3.1.2/src/support.c:92:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *c = malloc(strlen(a)+strlen(b)+2);
data/ne-3.1.2/src/support.c:92:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *c = malloc(strlen(a)+strlen(b)+2);
data/ne-3.1.2/src/support.c:101:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cc = c+strlen(c);
data/ne-3.1.2/src/support.c:151:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=j; i<=strlen(b); i++) {
data/ne-3.1.2/src/support.c:154:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newlen = 3 * up_dirs + (strlen(a+j) ) + 2; /* 3 for each "../" and two trailing '\0' */
data/ne-3.1.2/src/support.c:236:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const ssize_t t = read(fd, (char *)buf + done, to_do);
data/ne-3.1.2/src/support.c:326:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const p = realloc(expanded_filename, strlen(filename) + strlen(home_dir) + 1);
data/ne-3.1.2/src/support.c:326:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * const p = realloc(expanded_filename, strlen(filename) + strlen(home_dir) + 1);
data/ne-3.1.2/src/support.c:342:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * p = pathname + strlen(pathname);
data/ne-3.1.2/src/support.c:353:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int64_t len = strlen(s);
data/ne-3.1.2/src/support.c:553:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t result = read(in, buffer, to_do);
data/ne-3.1.2/src/support.c:669:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*p, &b->cur_line_desc->line[*prefix_pos], b->cur_pos - *prefix_pos);
data/ne-3.1.2/src/syn_utils.c:89:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen((char *)s);
data/ne-3.1.2/src/syn_utils.c:123:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)a,(char *)b,len);
data/ne-3.1.2/src/syntax.c:712:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = (unsigned char *)exists_prefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:712:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = (unsigned char *)exists_prefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:712:102: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = (unsigned char *)exists_prefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:712:123: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p = (unsigned char *)exists_prefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:713:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/syntax.c:717:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!f && (p = (unsigned char*)exists_gprefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:717:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!f && (p = (unsigned char*)exists_gprefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:717:108: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!f && (p = (unsigned char*)exists_gprefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:717:129: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!f && (p = (unsigned char*)exists_gprefs_dir()) && strlen((const char *)p) + 2 + strlen(SYNTAX_DIR) + strlen(SYNTAX_EXT) + strlen((const char *)syntax->name) < sizeof name) {
data/ne-3.1.2/src/syntax.c:718:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(strcat(strcat(strcat(strcpy((char *)name, (const char *)p), SYNTAX_DIR), "/"), (const char *)syntax->name), SYNTAX_EXT);
data/ne-3.1.2/src/term.c:725:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_chars(s, NULL, strlen(s), utf8);
data/ne-3.1.2/src/term.c:746:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_chars(t, attr != -1 ? &attr : NULL, strlen(t), utf8);
data/ne-3.1.2/src/term.c:849:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert_chars(t, attr == -1 ? NULL : &attr, strlen(t), utf8);
data/ne-3.1.2/src/termcap.c:380:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fab.fab$b_fns = strlen(fn);
data/ne-3.1.2/src/termcap.c:440:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size = 1 + strlen (term);
data/ne-3.1.2/src/termcap.c:509:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size = indirect ? strlen (tcenv) + 1 : buf.size;
data/ne-3.1.2/src/termcap.c:518:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bp1 += strlen (tcenv);
data/ne-3.1.2/src/termcap.c:718:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!(nread = read (fd, buf + bufp->full, bufp->size - bufp->full)))
data/ne-3.1.2/src/tparam.c:209:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doup++, outend -= strlen (up);
data/ne-3.1.2/src/tparam.c:211:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doleft++, outend -= strlen (left);
ANALYSIS SUMMARY:
Hits = 844
Lines analyzed = 41379 in approximately 1.32 seconds (31305 lines/second)
Physical Source Lines of Code (SLOC) = 28955
Hits@level = [0] 74 [1] 221 [2] 494 [3] 12 [4] 112 [5] 5
Hits@level+ = [0+] 918 [1+] 844 [2+] 623 [3+] 129 [4+] 117 [5+] 5
Hits/KSLOC@level+ = [0+] 31.7044 [1+] 29.1487 [2+] 21.5161 [3+] 4.45519 [4+] 4.04075 [5+] 0.172682
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.