Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/omega-rpg-0.90-pa9/abyss.c
Examining data/omega-rpg-0.90-pa9/aux1.c
Examining data/omega-rpg-0.90-pa9/aux2.c
Examining data/omega-rpg-0.90-pa9/aux3.c
Examining data/omega-rpg-0.90-pa9/command1.c
Examining data/omega-rpg-0.90-pa9/command2.c
Examining data/omega-rpg-0.90-pa9/compress.c
Examining data/omega-rpg-0.90-pa9/country.c
Examining data/omega-rpg-0.90-pa9/effect2.c
Examining data/omega-rpg-0.90-pa9/effect3.c
Examining data/omega-rpg-0.90-pa9/env.c
Examining data/omega-rpg-0.90-pa9/etc.c
Examining data/omega-rpg-0.90-pa9/fixstr.c
Examining data/omega-rpg-0.90-pa9/gen1.c
Examining data/omega-rpg-0.90-pa9/genclr.c
Examining data/omega-rpg-0.90-pa9/guild1.c
Examining data/omega-rpg-0.90-pa9/guild2.c
Examining data/omega-rpg-0.90-pa9/house.c
Examining data/omega-rpg-0.90-pa9/iinit.h
Examining data/omega-rpg-0.90-pa9/init.c
Examining data/omega-rpg-0.90-pa9/item.c
Examining data/omega-rpg-0.90-pa9/itemf1.c
Examining data/omega-rpg-0.90-pa9/itemf2.c
Examining data/omega-rpg-0.90-pa9/itemf3.c
Examining data/omega-rpg-0.90-pa9/lev.c
Examining data/omega-rpg-0.90-pa9/map.c
Examining data/omega-rpg-0.90-pa9/minit.h
Examining data/omega-rpg-0.90-pa9/mmelee.c
Examining data/omega-rpg-0.90-pa9/mmove.c
Examining data/omega-rpg-0.90-pa9/move.c
Examining data/omega-rpg-0.90-pa9/movef.c
Examining data/omega-rpg-0.90-pa9/mspec.c
Examining data/omega-rpg-0.90-pa9/mstrike.c
Examining data/omega-rpg-0.90-pa9/mtalk.c
Examining data/omega-rpg-0.90-pa9/newrand.c
Examining data/omega-rpg-0.90-pa9/oldsave.h
Examining data/omega-rpg-0.90-pa9/pdump.c
Examining data/omega-rpg-0.90-pa9/priest.c
Examining data/omega-rpg-0.90-pa9/scr.c
Examining data/omega-rpg-0.90-pa9/site1.c
Examining data/omega-rpg-0.90-pa9/site2.c
Examining data/omega-rpg-0.90-pa9/spell.c
Examining data/omega-rpg-0.90-pa9/stats.c
Examining data/omega-rpg-0.90-pa9/test.c
Examining data/omega-rpg-0.90-pa9/time.c
Examining data/omega-rpg-0.90-pa9/trap.c
Examining data/omega-rpg-0.90-pa9/village.c
Examining data/omega-rpg-0.90-pa9/tools/decrypt.c
Examining data/omega-rpg-0.90-pa9/tools/bwt.c
Examining data/omega-rpg-0.90-pa9/tools/bwt.h
Examining data/omega-rpg-0.90-pa9/tools/crypt.c
Examining data/omega-rpg-0.90-pa9/tools/makedate.c
Examining data/omega-rpg-0.90-pa9/char.c
Examining data/omega-rpg-0.90-pa9/omega.c
Examining data/omega-rpg-0.90-pa9/gen2.c
Examining data/omega-rpg-0.90-pa9/file.c
Examining data/omega-rpg-0.90-pa9/util.c
Examining data/omega-rpg-0.90-pa9/mon.c
Examining data/omega-rpg-0.90-pa9/save.c
Examining data/omega-rpg-0.90-pa9/extern.h
Examining data/omega-rpg-0.90-pa9/defs.h
Examining data/omega-rpg-0.90-pa9/glob.h
Examining data/omega-rpg-0.90-pa9/city.c
Examining data/omega-rpg-0.90-pa9/inv.c
Examining data/omega-rpg-0.90-pa9/bank.c
Examining data/omega-rpg-0.90-pa9/command3.c
Examining data/omega-rpg-0.90-pa9/effect1.c
FINAL RESULTS:
data/omega-rpg-0.90-pa9/compress.c:1297:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(ofname, mode)) /* Copy modes */
data/omega-rpg-0.90-pa9/compress.c:1300:2: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
chown(ofname, statbuf.st_uid, statbuf.st_gid); /* Copy ownership */
data/omega-rpg-0.90-pa9/file.c:381:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(Str2, 0664);
data/omega-rpg-0.90-pa9/abyss.c:124:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1,"%s%s",Omegalib,str);
data/omega-rpg-0.90-pa9/abyss.c:127:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str2,"%s%s",Omegalib,buf.name);
data/omega-rpg-0.90-pa9/abyss.c:161:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1,"%som%03d%03d.lev",Omegalib,env,depth);
data/omega-rpg-0.90-pa9/abyss.c:207:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("dir");
data/omega-rpg-0.90-pa9/aux1.c:121:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,roomname(i));
data/omega-rpg-0.90-pa9/aux1.c:126:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,roomname(i));
data/omega-rpg-0.90-pa9/aux1.c:127:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,Str1);
data/omega-rpg-0.90-pa9/aux1.c:462:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,(o->blessing >= 0 ? o->truename : o->cursestr));
data/omega-rpg-0.90-pa9/aux1.c:475:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,itemid(o));
data/omega-rpg-0.90-pa9/aux1.c:482:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,itemid(o));
data/omega-rpg-0.90-pa9/aux1.c:488:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,itemid(o));
data/omega-rpg-0.90-pa9/aux1.c:498:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,itemid(o));
data/omega-rpg-0.90-pa9/aux1.c:621:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,getarticle(m->monstring));
data/omega-rpg-0.90-pa9/aux1.c:624:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,wordnum(m->level+1-Monsters[m->id].level));
data/omega-rpg-0.90-pa9/aux1.c:627:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/aux1.c:630:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/aux1.c:687:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(meleestr,Player.meleestr);
data/omega-rpg-0.90-pa9/aux1.c:696:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Player.meleestr,meleestr);
data/omega-rpg-0.90-pa9/aux2.c:71:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,m->monstring);
data/omega-rpg-0.90-pa9/aux2.c:105:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,m->monstring);
data/omega-rpg-0.90-pa9/aux2.c:138:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Player.possessions[O_WEAPON_HAND]->objstr);
data/omega-rpg-0.90-pa9/aux2.c:153:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,itemid(Player.possessions[O_WEAPON_HAND]));
data/omega-rpg-0.90-pa9/aux2.c:662:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,actionlocstr(Player.meleestr[i+1]));
data/omega-rpg-0.90-pa9/aux2.c:676:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,actionlocstr(Player.meleestr[i+1]));
data/omega-rpg-0.90-pa9/aux2.c:686:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,actionlocstr(Player.meleestr[i+1]));
data/omega-rpg-0.90-pa9/aux2.c:728:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/aux2.c:730:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/bank.c:119:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_account->password, password);
data/omega-rpg-0.90-pa9/bank.c:671:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tbuf, "You seem to have trouble sticking your %s in the slot", itemid(card));
data/omega-rpg-0.90-pa9/char.c:25:11: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
lname = getlogin();
data/omega-rpg-0.90-pa9/char.c:33:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Player.name,lname);
data/omega-rpg-0.90-pa9/char.c:70:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Player.name,lname);
data/omega-rpg-0.90-pa9/char.c:136:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savedg,msgscanstring());
data/omega-rpg-0.90-pa9/char.c:808:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "You have only %d chance%s to reroll... ", REROLLS - i,
data/omega-rpg-0.90-pa9/char.c:834:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Player.name,msgscanstring());
data/omega-rpg-0.90-pa9/command2.c:267:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/command2.c:987:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "Enter savefile name [default %s]: ", SaveFileName );
data/omega-rpg-0.90-pa9/command2.c:989:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname,msgscanstring());
data/omega-rpg-0.90-pa9/command2.c:992:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( fname, SaveFileName );
data/omega-rpg-0.90-pa9/command3.c:171:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filestr, "%shelp%d.txt", Omegalib, c+1-'a');
data/omega-rpg-0.90-pa9/command3.c:184:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "%shelp%d.txt", Omegalib, n);
data/omega-rpg-0.90-pa9/command3.c:196:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filestr, "%shelp%d.txt", Omegalib, c+1-'a');
data/omega-rpg-0.90-pa9/command3.c:375:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cstr,countryid(id));
data/omega-rpg-0.90-pa9/command3.c:515:16: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
lname = getlogin();
data/omega-rpg-0.90-pa9/command3.c:529:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,WIZARD);
data/omega-rpg-0.90-pa9/command3.c:849:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,msgscanstring());
data/omega-rpg-0.90-pa9/command3.c:855:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Player.name, Str1);
data/omega-rpg-0.90-pa9/command3.c:857:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "Henceforth, you shall be known as %s", Player.name);
data/omega-rpg-0.90-pa9/compress.c:549:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempname, *fileptr);
data/omega-rpg-0.90-pa9/compress.c:581:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofname, *fileptr);
data/omega-rpg-0.90-pa9/compress.c:615:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofname, *fileptr);
data/omega-rpg-0.90-pa9/effect1.c:292:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:294:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:310:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:312:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:409:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:411:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect1.c:595:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wishstr,msgscanstring());
data/omega-rpg-0.90-pa9/effect3.c:204:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:206:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:353:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:355:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:396:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:398:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str1,target->monstring);
data/omega-rpg-0.90-pa9/effect3.c:899:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,getarticle(Monsters[rnd].monstring));
data/omega-rpg-0.90-pa9/effect3.c:914:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/effect3.c:1167:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/effect3.c:1169:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/file.c:54:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:65:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:73:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:83:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:93:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:103:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:114:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:123:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:131:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:139:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:148:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegalib);
data/omega-rpg-0.90-pa9/file.c:164:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/file.c:210:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/file.c:222:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/file.c:306:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/file.c:309:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Omegavar);
data/omega-rpg-0.90-pa9/file.c:400:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Hiscorer, Player.name);
data/omega-rpg-0.90-pa9/file.c:401:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Hidescrip, descrip);
data/omega-rpg-0.90-pa9/file.c:410:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Chaoslord, Player.name);
data/omega-rpg-0.90-pa9/file.c:419:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Lawlord, Player.name);
data/omega-rpg-0.90-pa9/file.c:439:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/file.c:526:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1, Omegavar);
data/omega-rpg-0.90-pa9/file.c:530:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&(Str1[endpos]), required_writeable[file]);
data/omega-rpg-0.90-pa9/file.c:538:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1, Omegalib);
data/omega-rpg-0.90-pa9/file.c:542:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&(Str1[endpos]), required_file_list[file]);
data/omega-rpg-0.90-pa9/file.c:552:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&(Str1[endpos]), optional_file_list[file]);
data/omega-rpg-0.90-pa9/file.c:660:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(deststr,msgscanstring());
data/omega-rpg-0.90-pa9/file.c:670:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "Unable to write to file %s - Aborting.", deststr);
data/omega-rpg-0.90-pa9/fixstr.c:99:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((string_list[num_strings] =
data/omega-rpg-0.90-pa9/guild1.c:156:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Commandant, Player.name);
data/omega-rpg-0.90-pa9/guild1.c:352:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Duke,Player.name);
data/omega-rpg-0.90-pa9/guild1.c:484:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Champion);
data/omega-rpg-0.90-pa9/guild1.c:489:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,Str1);
data/omega-rpg-0.90-pa9/guild1.c:518:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,nameprint());
data/omega-rpg-0.90-pa9/guild1.c:520:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Arena_Monster->monstring);
data/omega-rpg-0.90-pa9/guild1.c:523:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,Str1);
data/omega-rpg-0.90-pa9/guild1.c:573:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Champion,Player.name);
data/omega-rpg-0.90-pa9/guild2.c:30:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Shadowlord,Player.name);
data/omega-rpg-0.90-pa9/guild2.c:287:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Archmage,Player.name);
data/omega-rpg-0.90-pa9/guild2.c:545:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Grandmaster,Player.name);
data/omega-rpg-0.90-pa9/guild2.c:762:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Prime,Player.name);
data/omega-rpg-0.90-pa9/guild2.c:943:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Justiciar,Player.name);
data/omega-rpg-0.90-pa9/inv.c:223:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str4,obj->truename);
data/omega-rpg-0.90-pa9/inv.c:231:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str4,tstr);
data/omega-rpg-0.90-pa9/inv.c:233:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,obj->objstr);
data/omega-rpg-0.90-pa9/inv.c:238:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,obj->truename);
data/omega-rpg-0.90-pa9/inv.c:248:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4, obj->cursestr);
data/omega-rpg-0.90-pa9/inv.c:252:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4, obj->truename);
data/omega-rpg-0.90-pa9/inv.c:254:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
else strcat(Str4,obj->truename);
data/omega-rpg-0.90-pa9/inv.c:259:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,tstr);
data/omega-rpg-0.90-pa9/inv.c:267:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4, tstr);
data/omega-rpg-0.90-pa9/inv.c:394:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,m->monstring);
data/omega-rpg-0.90-pa9/inv.c:396:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str3,m->monstring);
data/omega-rpg-0.90-pa9/inv.c:592:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (prompt) strcpy(selectstr, prompt);
data/omega-rpg-0.90-pa9/inv.c:804:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, " %c: %s %s\n", i + 'a', depth_string,
data/omega-rpg-0.90-pa9/inv.c:1002:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1, itemid(Player.possessions[slot]));
data/omega-rpg-0.90-pa9/inv.c:1015:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1, Player.possessions[slot]->objstr);
data/omega-rpg-0.90-pa9/inv.c:1186:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1, itemid(Player.possessions[slot]));
data/omega-rpg-0.90-pa9/inv.c:1199:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1, Player.possessions[slot]->objstr);
data/omega-rpg-0.90-pa9/itemf1.c:109:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, " %s\n", Objects[range_idx].truename);
data/omega-rpg-0.90-pa9/itemf1.c:111:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, " an %s\n", Objects[range_idx].truename);
data/omega-rpg-0.90-pa9/itemf1.c:113:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, " a %s\n", Objects[range_idx].truename);
data/omega-rpg-0.90-pa9/itemf3.c:644:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "You can't seem to get rid of: %s", itemid(ob) );
data/omega-rpg-0.90-pa9/itemf3.c:697:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, "%c: %s\n", c1, itemid(ol->thing) );
data/omega-rpg-0.90-pa9/map.c:42:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, explanation, ap);
data/omega-rpg-0.90-pa9/map.c:165:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str3,Omegalib);
data/omega-rpg-0.90-pa9/map.c:179:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str3,Omegalib);
data/omega-rpg-0.90-pa9/mmelee.c:12:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:14:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str3,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:31:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:33:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str4,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:36:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,actionlocstr(m->meleestr[i+1]));
data/omega-rpg-0.90-pa9/mmelee.c:42:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,actionlocstr(m->meleestr[i+1]));
data/omega-rpg-0.90-pa9/mmelee.c:65:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:67:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmelee.c:268:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->meleestr,Monsters[m->id].meleestr);
data/omega-rpg-0.90-pa9/mmove.c:34:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmove.c:36:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmove.c:214:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmove.c:216:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mmove.c:247:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1, Level->site[m->aux1][m->aux2].creature->monstring);
data/omega-rpg-0.90-pa9/mmove.c:250:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1, Level->site[m->aux1][m->aux2].creature->monstring);
data/omega-rpg-0.90-pa9/mon.c:112:36: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:115:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:146:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:149:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:211:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priest[m->aux2],nameprint());
data/omega-rpg-0.90-pa9/mon.c:217:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Shadowlord,nameprint());
data/omega-rpg-0.90-pa9/mon.c:223:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Commandant,nameprint());
data/omega-rpg-0.90-pa9/mon.c:228:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Archmage,nameprint());
data/omega-rpg-0.90-pa9/mon.c:234:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Prime,nameprint());
data/omega-rpg-0.90-pa9/mon.c:240:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Champion,nameprint());
data/omega-rpg-0.90-pa9/mon.c:245:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Duke,nameprint());
data/omega-rpg-0.90-pa9/mon.c:251:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Chaoslord,nameprint());
data/omega-rpg-0.90-pa9/mon.c:257:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Lawlord,nameprint());
data/omega-rpg-0.90-pa9/mon.c:270:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Justiciar,nameprint());
data/omega-rpg-0.90-pa9/mon.c:318:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Grandmaster,nameprint());
data/omega-rpg-0.90-pa9/mon.c:537:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Hiscorer);
data/omega-rpg-0.90-pa9/mon.c:541:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Priest[npcid]);
data/omega-rpg-0.90-pa9/mon.c:551:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Shadowlord);
data/omega-rpg-0.90-pa9/mon.c:555:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Commandant);
data/omega-rpg-0.90-pa9/mon.c:561:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Archmage);
data/omega-rpg-0.90-pa9/mon.c:569:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Prime);
data/omega-rpg-0.90-pa9/mon.c:577:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Champion);
data/omega-rpg-0.90-pa9/mon.c:583:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Duke);
data/omega-rpg-0.90-pa9/mon.c:587:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Chaoslord);
data/omega-rpg-0.90-pa9/mon.c:593:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Lawlord);
data/omega-rpg-0.90-pa9/mon.c:599:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Justiciar);
data/omega-rpg-0.90-pa9/mon.c:608:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Grandmaster);
data/omega-rpg-0.90-pa9/mon.c:619:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Str2);
data/omega-rpg-0.90-pa9/mon.c:699:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1,Omegavar);
data/omega-rpg-0.90-pa9/mon.c:709:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2, Str1 + i);
data/omega-rpg-0.90-pa9/mon.c:733:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Str2);
data/omega-rpg-0.90-pa9/mon.c:736:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,Str2);
data/omega-rpg-0.90-pa9/mon.c:743:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,Str2);
data/omega-rpg-0.90-pa9/mon.c:754:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:757:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:770:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:773:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:789:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:792:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:806:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:809:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:829:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:832:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:846:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:849:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:862:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:865:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:878:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:881:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:895:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:898:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:910:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:913:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:927:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:930:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:944:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:947:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:961:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:964:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:982:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:985:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:999:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:1002:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:1017:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:1020:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:1036:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (m->uniqueness != COMMON) strcpy(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mon.c:1039:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:139:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(action,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:200:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:202:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:265:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:267:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:422:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Monsters[mid].monstring);
data/omega-rpg-0.90-pa9/mspec.c:424:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,Monsters[mid].monstring);
data/omega-rpg-0.90-pa9/mspec.c:636:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:638:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:670:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mspec.c:672:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mstrike.c:44:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mstrike.c:46:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mstrike.c:66:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mstrike.c:68:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:107:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:109:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:129:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:131:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:147:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:149:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:165:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:167:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:241:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:243:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:338:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:340:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:357:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:359:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:385:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:387:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:419:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:421:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:431:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:433:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:443:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:445:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:504:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:506:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:522:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:537:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:539:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:556:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:558:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:583:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:585:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:666:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str2,m->monstring);
data/omega-rpg-0.90-pa9/mtalk.c:668:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(Str2,m->monstring);
data/omega-rpg-0.90-pa9/pdump.c:203:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( Str3, "Character dump unsuccessful (%s)", why );
data/omega-rpg-0.90-pa9/pdump.c:215:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( buf, itemid( Player.possessions[ slot ] ));
data/omega-rpg-0.90-pa9/pdump.c:324:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( dump_buf, "%c) %s\n", i + 'A', itemid( Player.pack[ i ] ) );
data/omega-rpg-0.90-pa9/pdump.c:351:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( dump_buf, "%s\n", itemid( ol->thing ) );
data/omega-rpg-0.90-pa9/pdump.c:410:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, legion_rank_string( Player.rank[ LEGION ] ) );
data/omega-rpg-0.90-pa9/pdump.c:419:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, arena_rank_string( Player.rank[ ARENA ] ) );
data/omega-rpg-0.90-pa9/pdump.c:435:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, college_rank_string( Player.rank[ COLLEGE ] ) );
data/omega-rpg-0.90-pa9/pdump.c:442:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, nobility_rank_string( Player.rank[ NOBILITY ] ) );
data/omega-rpg-0.90-pa9/pdump.c:455:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( cp, "%d%s quest completed\n", Player.rank[ NOBILITY ] - 1,
data/omega-rpg-0.90-pa9/pdump.c:463:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, circle_rank_string( Player.rank[ CIRCLE ] ) );
data/omega-rpg-0.90-pa9/pdump.c:479:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, order_rank_string( Player.rank[ ORDER ] ) );
data/omega-rpg-0.90-pa9/pdump.c:495:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, thieves_rank_string( Player.rank[ THIEVES ] ) );
data/omega-rpg-0.90-pa9/pdump.c:504:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, priesthood_rank_string( Player.rank[ PRIESTHOOD ], Player.patron ) );
data/omega-rpg-0.90-pa9/pdump.c:513:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dump_buf, monk_rank_string(Player.rank[MONKS]));
data/omega-rpg-0.90-pa9/pdump.c:541:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( dump_buf, s );
data/omega-rpg-0.90-pa9/pdump.c:550:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( dump_buf, s );
data/omega-rpg-0.90-pa9/pdump.c:557:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( dump_buf, s );
data/omega-rpg-0.90-pa9/pdump.c:904:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( dump_buf, VERSIONSTRING );
data/omega-rpg-0.90-pa9/pdump.c:909:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
curcol = sprintf( dump_buf, "Name : %s\n", Player.name );
data/omega-rpg-0.90-pa9/pdump.c:921:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( dump_buf, "Level : %s [%d]\n", levelname( Player.level ), Player.level );
data/omega-rpg-0.90-pa9/pdump.c:925:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( dump_buf, "Alignment : %s\n\n", alignment_string( Player.alignment ) );
data/omega-rpg-0.90-pa9/pdump.c:1010:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( dump_buf, "Elapsed Game Time : %s\n\n", elapsed_time_string( Time ) );
data/omega-rpg-0.90-pa9/pdump.c:1109:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( Str3, alignment_level[ alignment_level_index( alignment ) ] );
data/omega-rpg-0.90-pa9/pdump.c:1138:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, Str2 );
data/omega-rpg-0.90-pa9/pdump.c:1144:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, Str2 );
data/omega-rpg-0.90-pa9/pdump.c:1150:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, Str2 );
data/omega-rpg-0.90-pa9/pdump.c:1156:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, Str2 );
data/omega-rpg-0.90-pa9/pdump.c:1162:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, Str2 );
data/omega-rpg-0.90-pa9/pdump.c:1214:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( Str3, priesthood_ranks[ rank ] );
data/omega-rpg-0.90-pa9/pdump.c:1215:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( Str3, patron_names[ patron ] );
data/omega-rpg-0.90-pa9/priest.c:516:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priest[Player.patron],Player.name);
data/omega-rpg-0.90-pa9/save.c:45:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(savestr, R_OK) == 0)
data/omega-rpg-0.90-pa9/save.c:46:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(savestr, W_OK) == 0)
data/omega-rpg-0.90-pa9/save.c:64:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(savestr, W_OK) == -1)
data/omega-rpg-0.90-pa9/save.c:131:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, savestr);
data/omega-rpg-0.90-pa9/save.c:135:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,COMPRESSOR);
data/omega-rpg-0.90-pa9/save.c:137:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,savestr);
data/omega-rpg-0.90-pa9/save.c:138:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(temp);
data/omega-rpg-0.90-pa9/save.c:139:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s.%s", savestr, COMPRESS_EXT);
data/omega-rpg-0.90-pa9/save.c:545:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(savestr, F_OK|R_OK|W_OK) == -1) /* access uses real uid */
data/omega-rpg-0.90-pa9/save.c:569:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, savestr);
data/omega-rpg-0.90-pa9/save.c:574:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s.%s", savestr, COMPRESS_EXT);
data/omega-rpg-0.90-pa9/save.c:578:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,UNCOMPRESSOR);
data/omega-rpg-0.90-pa9/save.c:580:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,savestr);
data/omega-rpg-0.90-pa9/save.c:581:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(temp);
data/omega-rpg-0.90-pa9/save.c:1121:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Hiscorer);
data/omega-rpg-0.90-pa9/save.c:1126:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Priest[npcid]);
data/omega-rpg-0.90-pa9/save.c:1131:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Shadowlord);
data/omega-rpg-0.90-pa9/save.c:1136:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Commandant);
data/omega-rpg-0.90-pa9/save.c:1141:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Archmage);
data/omega-rpg-0.90-pa9/save.c:1146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Prime);
data/omega-rpg-0.90-pa9/save.c:1151:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Champion);
data/omega-rpg-0.90-pa9/save.c:1156:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Duke);
data/omega-rpg-0.90-pa9/save.c:1161:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Chaoslord);
data/omega-rpg-0.90-pa9/save.c:1166:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Lawlord);
data/omega-rpg-0.90-pa9/save.c:1171:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Justiciar);
data/omega-rpg-0.90-pa9/save.c:1176:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str2,Grandmaster);
data/omega-rpg-0.90-pa9/save.c:1187:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str1,Str2);
data/omega-rpg-0.90-pa9/scr.c:403:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(screenLine3, s);
data/omega-rpg-0.90-pa9/scr.c:415:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(screenLine3, s);
data/omega-rpg-0.90-pa9/scr.c:483:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, OMEGALIB);
data/omega-rpg-0.90-pa9/scr.c:484:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, TILEFILE);
data/omega-rpg-0.90-pa9/scr.c:1537:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,source);
data/omega-rpg-0.90-pa9/scr.c:1901:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Str1, " %c: %s\n", i + 'A', itemid(Player.pack[i]));
data/omega-rpg-0.90-pa9/scr.c:2181:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Stringbuffer[bufferpos++],s);
data/omega-rpg-0.90-pa9/scr.c:2193:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Stringbuffer[pos],s);
data/omega-rpg-0.90-pa9/site1.c:47:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str4,Objects[base+i].objstr);
data/omega-rpg-0.90-pa9/site1.c:798:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Str1, msgscanstring());
data/omega-rpg-0.90-pa9/site1.c:973:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Str3,itemid(Pawnitems[i]));
data/omega-rpg-0.90-pa9/tools/crypt.c:29:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, explanation, ap);
data/omega-rpg-0.90-pa9/tools/decrypt.c:24:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, explanation, ap);
data/omega-rpg-0.90-pa9/util.c:918:27: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (joinString == two) {strcpy(temp,two); two = temp;}
data/omega-rpg-0.90-pa9/util.c:919:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(joinString,one);
data/omega-rpg-0.90-pa9/util.c:921:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(joinString,two);
data/omega-rpg-0.90-pa9/util.c:1035:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,str);
data/omega-rpg-0.90-pa9/char.c:108:51: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
snprintf(Str1, sizeof(Str1)-1, "%s/.omegarc", getenv("HOME"));
data/omega-rpg-0.90-pa9/char.c:165:49: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
snprintf(Str1, sizeof(Str1)-1, "%s/.omegarc", getenv("HOME"));
data/omega-rpg-0.90-pa9/omega.c:261:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while(( i= getopt( argc, argv, "dsh")) != -1)
data/omega-rpg-0.90-pa9/omega.c:358:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(Omegalib = getenv("OMEGALIB")))
data/omega-rpg-0.90-pa9/omega.c:363:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(Omegavar = getenv("OMEGAVAR")))
data/omega-rpg-0.90-pa9/abyss.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mems[50];
data/omega-rpg-0.90-pa9/abyss.c:140:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1,"Heapchk returned %d.",_heapchk());
data/omega-rpg-0.90-pa9/abyss.c:155:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1,"Free mem approx %dK",(int)(amount / 0x400));
data/omega-rpg-0.90-pa9/abyss.c:162:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return(fopen(Str1,(rw) ? "wb" : "rb"));
data/omega-rpg-0.90-pa9/aux1.c:63:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"A luxurious mansion: ");
data/omega-rpg-0.90-pa9/aux1.c:66:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"A house: ");
data/omega-rpg-0.90-pa9/aux1.c:69:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"A hovel: ");
data/omega-rpg-0.90-pa9/aux1.c:72:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The City of Rampart");
data/omega-rpg-0.90-pa9/aux1.c:76:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(Str2,"The Village of Star View"); break;
data/omega-rpg-0.90-pa9/aux1.c:77:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(Str2,"The Village of Woodmere"); break;
data/omega-rpg-0.90-pa9/aux1.c:78:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(Str2,"The Village of Stormwatch"); break;
data/omega-rpg-0.90-pa9/aux1.c:79:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4: strcpy(Str2,"The Village of Thaumaris"); break;
data/omega-rpg-0.90-pa9/aux1.c:80:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5: strcpy(Str2,"The Village of Skorch"); break;
data/omega-rpg-0.90-pa9/aux1.c:81:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 6: strcpy(Str2,"The Village of Whorfen"); break;
data/omega-rpg-0.90-pa9/aux1.c:85:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Goblin Caves: ");
data/omega-rpg-0.90-pa9/aux1.c:88:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Archmage's Castle: ");
data/omega-rpg-0.90-pa9/aux1.c:91:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Astral Plane: ");
data/omega-rpg-0.90-pa9/aux1.c:94:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Volcano: ");
data/omega-rpg-0.90-pa9/aux1.c:97:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Palace Dungeons: ");
data/omega-rpg-0.90-pa9/aux1.c:100:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Sewers: ");
data/omega-rpg-0.90-pa9/aux1.c:103:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The Tactical Map ");
data/omega-rpg-0.90-pa9/aux1.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Level ");
data/omega-rpg-0.90-pa9/aux1.c:120:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," (");
data/omega-rpg-0.90-pa9/aux1.c:461:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Your ");
data/omega-rpg-0.90-pa9/aux1.c:463:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," explodes!");
data/omega-rpg-0.90-pa9/aux1.c:474:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Your ");
data/omega-rpg-0.90-pa9/aux1.c:476:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," glows strongly.");
data/omega-rpg-0.90-pa9/aux1.c:481:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You hear an evil giggle from your ");
data/omega-rpg-0.90-pa9/aux1.c:487:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Your ");
data/omega-rpg-0.90-pa9/aux1.c:489:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," glows and then fades.");
data/omega-rpg-0.90-pa9/aux1.c:497:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Your ");
data/omega-rpg-0.90-pa9/aux1.c:499:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," shatters in a thousand lost fragments!");
data/omega-rpg-0.90-pa9/aux1.c:613:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2, "Some invisible creature");
data/omega-rpg-0.90-pa9/aux1.c:616:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"a grievously injured ");
data/omega-rpg-0.90-pa9/aux1.c:618:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"a severely injured ");
data/omega-rpg-0.90-pa9/aux1.c:620:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"an injured ");
data/omega-rpg-0.90-pa9/aux1.c:623:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," (level ");
data/omega-rpg-0.90-pa9/aux1.c:625:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2,") ");
data/omega-rpg-0.90-pa9/aux1.c:632:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," who is grievously injured ");
data/omega-rpg-0.90-pa9/aux1.c:634:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," who is severely injured ");
data/omega-rpg-0.90-pa9/aux1.c:636:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," who is injured ");
data/omega-rpg-0.90-pa9/aux1.c:686:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meleestr[80];
data/omega-rpg-0.90-pa9/aux1.c:688:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Player.meleestr,"lLlClH");
data/omega-rpg-0.90-pa9/aux1.c:938:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 0:strcpy(Str3,"neophyte");break;
data/omega-rpg-0.90-pa9/aux1.c:939:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1:strcpy(Str3,"beginner");break;
data/omega-rpg-0.90-pa9/aux1.c:940:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2:strcpy(Str3,"tourist");break;
data/omega-rpg-0.90-pa9/aux1.c:941:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3:strcpy(Str3,"traveller");break;
data/omega-rpg-0.90-pa9/aux1.c:942:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4:strcpy(Str3,"wayfarer");break;
data/omega-rpg-0.90-pa9/aux1.c:943:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5:strcpy(Str3,"peregrinator");break;
data/omega-rpg-0.90-pa9/aux1.c:944:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 6:strcpy(Str3,"wanderer");break;
data/omega-rpg-0.90-pa9/aux1.c:945:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 7:strcpy(Str3,"hunter");break;
data/omega-rpg-0.90-pa9/aux1.c:946:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 8:strcpy(Str3,"scout");break;
data/omega-rpg-0.90-pa9/aux1.c:947:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 9:strcpy(Str3,"trailblazer");break;
data/omega-rpg-0.90-pa9/aux1.c:948:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 10:strcpy(Str3,"discoverer");break;
data/omega-rpg-0.90-pa9/aux1.c:949:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 11:strcpy(Str3,"explorer");break;
data/omega-rpg-0.90-pa9/aux1.c:950:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 12:strcpy(Str3,"senior explorer");break;
data/omega-rpg-0.90-pa9/aux1.c:951:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 13:strcpy(Str3,"ranger");break;
data/omega-rpg-0.90-pa9/aux1.c:952:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 14:strcpy(Str3,"ranger captain");break;
data/omega-rpg-0.90-pa9/aux1.c:953:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 15:strcpy(Str3,"ranger knight");break;
data/omega-rpg-0.90-pa9/aux1.c:954:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 16:strcpy(Str3,"adventurer");break;
data/omega-rpg-0.90-pa9/aux1.c:955:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 17:strcpy(Str3,"experienced adventurer");break;
data/omega-rpg-0.90-pa9/aux1.c:956:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 18:strcpy(Str3,"skilled adventurer");break;
data/omega-rpg-0.90-pa9/aux1.c:957:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 19:strcpy(Str3,"master adventurer");break;
data/omega-rpg-0.90-pa9/aux1.c:958:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 20:strcpy(Str3,"hero");break;
data/omega-rpg-0.90-pa9/aux1.c:959:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 21:strcpy(Str3,"superhero");break;
data/omega-rpg-0.90-pa9/aux1.c:960:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 22:strcpy(Str3,"demigod");break;
data/omega-rpg-0.90-pa9/aux1.c:963:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"Order ");
data/omega-rpg-0.90-pa9/aux1.c:966:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3," Master of Omega");
data/omega-rpg-0.90-pa9/aux1.c:968:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(Str3,"Ultimate Master of Omega");
data/omega-rpg-0.90-pa9/aux2.c:31:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"You annihilate ");
data/omega-rpg-0.90-pa9/aux2.c:35:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"You blast ");
data/omega-rpg-0.90-pa9/aux2.c:41:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"You smash ");
data/omega-rpg-0.90-pa9/aux2.c:46:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (random_range(10)) strcpy(Str3,"You hit ");
data/omega-rpg-0.90-pa9/aux2.c:52:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 0: strcpy(Str3,"You damage "); break;
data/omega-rpg-0.90-pa9/aux2.c:53:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(Str3,"You inflict bodily harm on "); break;
data/omega-rpg-0.90-pa9/aux2.c:54:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(Str3,"You injure "); break;
data/omega-rpg-0.90-pa9/aux2.c:55:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(Str3,"You molest "); break;
data/omega-rpg-0.90-pa9/aux2.c:56:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4: strcpy(Str3,"You tweak "); break;
data/omega-rpg-0.90-pa9/aux2.c:57:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5: strcpy(Str3,"You smush "); break;
data/omega-rpg-0.90-pa9/aux2.c:58:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 6: strcpy(Str3,"You smurf "); break;
data/omega-rpg-0.90-pa9/aux2.c:59:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 7: strcpy(Str3,"You grind "); break;
data/omega-rpg-0.90-pa9/aux2.c:60:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 8: strcpy(Str3,"You hurt "); break;
data/omega-rpg-0.90-pa9/aux2.c:61:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 9: strcpy(Str3,"You bring pain to "); break;
data/omega-rpg-0.90-pa9/aux2.c:62:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 10: strcpy(Str3,"You recite nasty poetry at "); break;
data/omega-rpg-0.90-pa9/aux2.c:63:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 11: strcpy(Str3,"You smack "); break;
data/omega-rpg-0.90-pa9/aux2.c:70:32: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (m->uniqueness == COMMON) strcat(Str3,"the ");
data/omega-rpg-0.90-pa9/aux2.c:72:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3,". ");
data/omega-rpg-0.90-pa9/aux2.c:97:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"You miss ");
data/omega-rpg-0.90-pa9/aux2.c:99:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 0: strcpy(Str3,"You flail lamely at "); break;
data/omega-rpg-0.90-pa9/aux2.c:100:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(Str3,"You only amuse "); break;
data/omega-rpg-0.90-pa9/aux2.c:101:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(Str3,"You fail to even come close to "); break;
data/omega-rpg-0.90-pa9/aux2.c:102:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(Str3,"You totally avoid contact with "); break;
data/omega-rpg-0.90-pa9/aux2.c:104:36: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (m->uniqueness == COMMON) strcat(Str3,"the ");
data/omega-rpg-0.90-pa9/aux2.c:106:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3,". ");
data/omega-rpg-0.90-pa9/aux2.c:137:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You dropped your ");
data/omega-rpg-0.90-pa9/aux2.c:152:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Your ");
data/omega-rpg-0.90-pa9/aux2.c:154:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," vibrates in your hand....");
data/omega-rpg-0.90-pa9/aux2.c:641:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 'L': strcpy(Str3,"low."); break;
data/omega-rpg-0.90-pa9/aux2.c:642:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 'C': strcpy(Str3,"center."); break;
data/omega-rpg-0.90-pa9/aux2.c:643:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 'H': strcpy(Str3,"high."); break;
data/omega-rpg-0.90-pa9/aux2.c:644:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(Str3,"wildly."); break;
data/omega-rpg-0.90-pa9/aux2.c:660:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You punch ");
data/omega-rpg-0.90-pa9/aux2.c:661:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(Str1,"You thrust ");
data/omega-rpg-0.90-pa9/aux2.c:670:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You punch ");
data/omega-rpg-0.90-pa9/aux2.c:672:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You cut ");
data/omega-rpg-0.90-pa9/aux2.c:674:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You strike ");
data/omega-rpg-0.90-pa9/aux2.c:675:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(Str1,"You attack ");
data/omega-rpg-0.90-pa9/aux2.c:685:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"You lunge ");
data/omega-rpg-0.90-pa9/aux2.c:727:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/aux2.c:731:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," blocks it!");
data/omega-rpg-0.90-pa9/aux3.c:807:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Almost impassable mountains");
data/omega-rpg-0.90-pa9/aux3.c:810:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"Seemingly endless plains");
data/omega-rpg-0.90-pa9/aux3.c:813:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A frosty stretch of tundra");
data/omega-rpg-0.90-pa9/aux3.c:816:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A paved highway");
data/omega-rpg-0.90-pa9/aux3.c:819:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A secret mountain pass");
data/omega-rpg-0.90-pa9/aux3.c:822:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A rolling river");
data/omega-rpg-0.90-pa9/aux3.c:825:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The city of Rampart");
data/omega-rpg-0.90-pa9/aux3.c:828:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A rural village");
data/omega-rpg-0.90-pa9/aux3.c:831:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A verdant forest");
data/omega-rpg-0.90-pa9/aux3.c:834:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A densely overgrown jungle");
data/omega-rpg-0.90-pa9/aux3.c:837:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A swampy fen");
data/omega-rpg-0.90-pa9/aux3.c:840:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A huge active volcano");
data/omega-rpg-0.90-pa9/aux3.c:843:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"An imposing castle");
data/omega-rpg-0.90-pa9/aux3.c:846:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A mysterious mountain.");
data/omega-rpg-0.90-pa9/aux3.c:849:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A cavern filled with treasure.");
data/omega-rpg-0.90-pa9/aux3.c:852:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"An ancient palace ruins.");
data/omega-rpg-0.90-pa9/aux3.c:855:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"An island emanating magic.");
data/omega-rpg-0.90-pa9/aux3.c:858:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A hidden cave entrance");
data/omega-rpg-0.90-pa9/aux3.c:861:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A neoclassical temple");
data/omega-rpg-0.90-pa9/aux3.c:864:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"A sere desert");
data/omega-rpg-0.90-pa9/aux3.c:867:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The Sea of Chaos");
data/omega-rpg-0.90-pa9/aux3.c:870:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"I have no idea.");
data/omega-rpg-0.90-pa9/aux3.c:921:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte, prefix[80];
data/omega-rpg-0.90-pa9/bank.c:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * npc_account_passwords [NUM_NPC_ACCOUNTS] =
data/omega-rpg-0.90-pa9/bank.c:353:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_buf1 [16];
data/omega-rpg-0.90-pa9/bank.c:354:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_buf2 [16];
data/omega-rpg-0.90-pa9/bank.c:643:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_buf [16];
data/omega-rpg-0.90-pa9/bank.c:669:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[120];
data/omega-rpg-0.90-pa9/char.c:93:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Player.meleestr,"CCBC");
data/omega-rpg-0.90-pa9/char.c:105:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("omega.rc","rb")) != NULL) {
data/omega-rpg-0.90-pa9/char.c:109:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(Str1,"r")) != NULL) {
data/omega-rpg-0.90-pa9/char.c:124:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savedg[80];
data/omega-rpg-0.90-pa9/char.c:163:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("omega.rc","wb");
data/omega-rpg-0.90-pa9/char.c:166:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(Str1,"w");
data/omega-rpg-0.90-pa9/char.c:806:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "Generated character # %d", i );
data/omega-rpg-0.90-pa9/city.c:659:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jail[5][11] =
data/omega-rpg-0.90-pa9/command2.c:266:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1," Talk to ");
data/omega-rpg-0.90-pa9/command2.c:949:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[100];
data/omega-rpg-0.90-pa9/command2.c:1003:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "Illegal character '%c' in filename - Save aborted.", fname[pos]);
data/omega-rpg-0.90-pa9/command2.c:1011:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "Save name longer than %d characters - Save aborted.",
data/omega-rpg-0.90-pa9/command2.c:1020:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "Save name longer than %d characters - Save aborted.",
data/omega-rpg-0.90-pa9/command3.c:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filestr[80];
data/omega-rpg-0.90-pa9/command3.c:368:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cstr[80];
data/omega-rpg-0.90-pa9/command3.c:530:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,", the Wizard of Omega appears before you....");
data/omega-rpg-0.90-pa9/compress.c:452:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ofname [100];
data/omega-rpg-0.90-pa9/compress.c:505:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[100];
data/omega-rpg-0.90-pa9/compress.c:554:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile = fopen(*fileptr, "rb")) == NULL) {
data/omega-rpg-0.90-pa9/compress.c:590:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile = fopen(*fileptr, "rb")) == NULL) {
data/omega-rpg-0.90-pa9/compress.c:630:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[2];
data/omega-rpg-0.90-pa9/compress.c:652:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfile = fopen(ofname, "wb")) == NULL) {
data/omega-rpg-0.90-pa9/compress.c:838:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BITS];
data/omega-rpg-0.90-pa9/defs.h:1767:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/omega-rpg-0.90-pa9/defs.h:1768:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meleestr[64];
data/omega-rpg-0.90-pa9/effect1.c:291:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect1.c:298:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case FLAME:strcat(Str1," was blasted by a firebolt!");break;
data/omega-rpg-0.90-pa9/effect1.c:299:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case ELECTRICITY:strcat(Str1," was zapped by lightning!");break;
data/omega-rpg-0.90-pa9/effect1.c:300:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case NORMAL_DAMAGE:strcat(Str1," was hit by a missile!"); break;
data/omega-rpg-0.90-pa9/effect1.c:301:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case COLD:strcat(Str1," was hit by an icicle!"); break;
data/omega-rpg-0.90-pa9/effect1.c:309:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect1.c:314:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case FLAME:strcat(Str1," was missed by a firebolt!");break;
data/omega-rpg-0.90-pa9/effect1.c:315:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case ELECTRICITY:strcat(Str1," was missed by lightning!");break;
data/omega-rpg-0.90-pa9/effect1.c:316:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case NORMAL_DAMAGE:strcat(Str1," was missed by a missile!"); break;
data/omega-rpg-0.90-pa9/effect1.c:317:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case COLD:strcat(Str1," was missed by a flying icicle!"); break;
data/omega-rpg-0.90-pa9/effect1.c:408:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect1.c:413:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case FLAME:strcat(Str1," was zorched by a fireball!"); break;
data/omega-rpg-0.90-pa9/effect1.c:414:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case COLD:strcat(Str1," was blasted by a snowball!"); break;
data/omega-rpg-0.90-pa9/effect1.c:415:21: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case ELECTRICITY:strcat(Str1," was zapped by ball lightning!");break;
data/omega-rpg-0.90-pa9/effect1.c:416:21: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case UNSTOPPABLE:strcat(Str1," was nuked by a manastorm!");break;
data/omega-rpg-0.90-pa9/effect1.c:589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wishstr[80];
data/omega-rpg-0.90-pa9/effect3.c:203:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect3.c:208:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," seems to have fallen asleep.");
data/omega-rpg-0.90-pa9/effect3.c:212:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(Str1," is bright eyed, and bushy tailed!");
data/omega-rpg-0.90-pa9/effect3.c:352:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect3.c:357:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was blasted!");
data/omega-rpg-0.90-pa9/effect3.c:363:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," does not seem affected.");
data/omega-rpg-0.90-pa9/effect3.c:395:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect3.c:399:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," disintegrates!");
data/omega-rpg-0.90-pa9/effect3.c:898:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"You enjoy your new life as ");
data/omega-rpg-0.90-pa9/effect3.c:913:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/effect3.c:915:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," resists the change!");
data/omega-rpg-0.90-pa9/effect3.c:1139:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"a coronary");
data/omega-rpg-0.90-pa9/effect3.c:1145:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"soul destruction");
data/omega-rpg-0.90-pa9/effect3.c:1166:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/effect3.c:1172:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2,"seems enraged!");
data/omega-rpg-0.90-pa9/effect3.c:1174:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2,"is terrorized!");
data/omega-rpg-0.90-pa9/etc.c:260:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 0:strcpy(Str3,"Orion Splash");break;
data/omega-rpg-0.90-pa9/etc.c:261:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1:strcpy(Str3,"Gorgar");break;
data/omega-rpg-0.90-pa9/etc.c:262:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2:strcpy(Str3,"Hieronymous");break;
data/omega-rpg-0.90-pa9/etc.c:263:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3:strcpy(Str3,"Quantifor Quotron");break;
data/omega-rpg-0.90-pa9/etc.c:264:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4:strcpy(Str3,"Leon");break;
data/omega-rpg-0.90-pa9/etc.c:265:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5:strcpy(Str3,"Joyce");break;
data/omega-rpg-0.90-pa9/etc.c:266:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 6:strcpy(Str3,"Leticia Smiley");break;
data/omega-rpg-0.90-pa9/etc.c:267:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 7:strcpy(Str3,"Ogilvy the Grim");break;
data/omega-rpg-0.90-pa9/etc.c:268:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 8:strcpy(Str3,"Salara Storn");break;
data/omega-rpg-0.90-pa9/etc.c:269:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 9:strcpy(Str3,"Murgo");break;
data/omega-rpg-0.90-pa9/etc.c:270:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 10:strcpy(Str3,"Jonathan Atwilder");break;
data/omega-rpg-0.90-pa9/etc.c:271:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 11:strcpy(Str3,"Xylos the Tan");break;
data/omega-rpg-0.90-pa9/etc.c:272:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 12:strcpy(Str3,"Terence");break;
data/omega-rpg-0.90-pa9/etc.c:273:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 13:strcpy(Str3,"Toronado");break;
data/omega-rpg-0.90-pa9/etc.c:274:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 14:strcpy(Str3,"Kelly");break;
data/omega-rpg-0.90-pa9/etc.c:275:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 15:strcpy(Str3,"Cantinflas");break;
data/omega-rpg-0.90-pa9/etc.c:276:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 16:strcpy(Str3,"Ixel");break;
data/omega-rpg-0.90-pa9/etc.c:277:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 17:strcpy(Str3,"Toto");break;
data/omega-rpg-0.90-pa9/etc.c:278:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 18:strcpy(Str3,"Frost");break;
data/omega-rpg-0.90-pa9/etc.c:279:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 19:strcpy(Str3,"Aliera Erinyes");break;
data/omega-rpg-0.90-pa9/etc.c:280:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 20:strcpy(Str3,"Godel");break;
data/omega-rpg-0.90-pa9/etc.c:281:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 21:strcpy(Str3,"Kerst Blackblade");break;
data/omega-rpg-0.90-pa9/etc.c:282:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 22:strcpy(Str3,"Ebenezer");break;
data/omega-rpg-0.90-pa9/etc.c:283:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 23:strcpy(Str3,"Jeremiah");break;
data/omega-rpg-0.90-pa9/etc.c:284:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 24:strcpy(Str3,"Triskelion Shadow");break;
data/omega-rpg-0.90-pa9/etc.c:285:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 25:strcpy(Str3,"Eleskir Eremar");break;
data/omega-rpg-0.90-pa9/etc.c:286:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 26:strcpy(Str3,"Tyron");break;
data/omega-rpg-0.90-pa9/etc.c:287:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 27:strcpy(Str3,"Morgon");break;
data/omega-rpg-0.90-pa9/etc.c:288:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 28:strcpy(Str3,"Achmed");break;
data/omega-rpg-0.90-pa9/etc.c:289:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 29:strcpy(Str3,"Chin");break;
data/omega-rpg-0.90-pa9/etc.c:290:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 30:strcpy(Str3,"Fujimoto");break;
data/omega-rpg-0.90-pa9/etc.c:291:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 31:strcpy(Str3,"Dos Santos");break;
data/omega-rpg-0.90-pa9/etc.c:292:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 32:strcpy(Str3,"Federico");break;
data/omega-rpg-0.90-pa9/etc.c:293:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 33:strcpy(Str3,"Jaime");break;
data/omega-rpg-0.90-pa9/etc.c:294:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 34:strcpy(Str3,"Siobhan");break;
data/omega-rpg-0.90-pa9/etc.c:295:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 35:strcpy(Str3,"Hans");break;
data/omega-rpg-0.90-pa9/etc.c:296:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 36:strcpy(Str3,"Gurkov");break;
data/omega-rpg-0.90-pa9/etc.c:297:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 37:strcpy(Str3,"Krilos the Slayer");break;
data/omega-rpg-0.90-pa9/etc.c:298:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 38:strcpy(Str3,"Oxxblud");break;
data/omega-rpg-0.90-pa9/etc.c:299:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 39:strcpy(Str3,"Dorian");break;
data/omega-rpg-0.90-pa9/file.c:32:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filestring,optionstring);
data/omega-rpg-0.90-pa9/file.c:40:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (response == 'r') fd = fopen(filestring,optionstring);
data/omega-rpg-0.90-pa9/file.c:56:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"help13.txt");
data/omega-rpg-0.90-pa9/file.c:57:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(Str1,"help12.txt");
data/omega-rpg-0.90-pa9/file.c:66:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"intro.txt");
data/omega-rpg-0.90-pa9/file.c:74:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"license.txt");
data/omega-rpg-0.90-pa9/file.c:84:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"abyss.txt");
data/omega-rpg-0.90-pa9/file.c:94:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"help3.txt");
data/omega-rpg-0.90-pa9/file.c:104:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"help5.txt");
data/omega-rpg-0.90-pa9/file.c:115:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"scroll2.txt");
data/omega-rpg-0.90-pa9/file.c:124:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"scroll3.txt");
data/omega-rpg-0.90-pa9/file.c:132:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"scroll4.txt");
data/omega-rpg-0.90-pa9/file.c:140:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"scroll1.txt");
data/omega-rpg-0.90-pa9/file.c:149:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"motd.txt");
data/omega-rpg-0.90-pa9/file.c:165:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.hi.lock");
data/omega-rpg-0.90-pa9/file.c:170:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lock = open(Str1, O_WRONLY | O_CREAT | O_EXCL, 0600);
data/omega-rpg-0.90-pa9/file.c:173:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lockfile = fopen(Str1, "rb");
data/omega-rpg-0.90-pa9/file.c:201:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "%d", getpid());
data/omega-rpg-0.90-pa9/file.c:211:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.hi.lock");
data/omega-rpg-0.90-pa9/file.c:223:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.hi");
data/omega-rpg-0.90-pa9/file.c:300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/omega-rpg-0.90-pa9/file.c:307:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.hi");
data/omega-rpg-0.90-pa9/file.c:311:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2,"omegahi.new"); /* stupid 8.3 msdos filename limit */
data/omega-rpg-0.90-pa9/file.c:313:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2,"omega.hi.new");
data/omega-rpg-0.90-pa9/file.c:440:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.log");
data/omega-rpg-0.90-pa9/file.c:475:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name, "r");
data/omega-rpg-0.90-pa9/file.c:477:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name, "r+");
data/omega-rpg-0.90-pa9/file.c:489:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_name, O_RDONLY, 0);
data/omega-rpg-0.90-pa9/file.c:491:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file_name, O_RDWR, 0);
data/omega-rpg-0.90-pa9/file.c:655:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deststr[80];
data/omega-rpg-0.90-pa9/file.c:656:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRING_LEN];
data/omega-rpg-0.90-pa9/file.c:668:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(deststr, "wb");
data/omega-rpg-0.90-pa9/fixstr.c:38:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sourcefp = fopen(argv[1],"r")) == NULL ||
data/omega-rpg-0.90-pa9/fixstr.c:39:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(destfp = fopen(TMPFILE,"w")) == NULL)
data/omega-rpg-0.90-pa9/fixstr.c:53:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sourcefp = fopen(TMPFILE,"r")) == NULL ||
data/omega-rpg-0.90-pa9/fixstr.c:54:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(destfp = fopen(argv[1],"w")) == NULL)
data/omega-rpg-0.90-pa9/fixstr.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_string[128],*temp;
data/omega-rpg-0.90-pa9/fixstr.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/omega-rpg-0.90-pa9/gen1.c:23:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str2,"om%d*.lev",Dungeon->environment);
data/omega-rpg-0.90-pa9/gen1.c:275:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ZORCH:strcpy(Str4,"A place zorched by powerful magic.");break;
data/omega-rpg-0.90-pa9/gen1.c:276:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_COURT:strcpy(Str4,"The Court of the ArchMage."); break;
data/omega-rpg-0.90-pa9/gen1.c:277:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CIRCLE:strcpy(Str4,"The Astral Demesne of the Circle of Sorcerors");
data/omega-rpg-0.90-pa9/gen1.c:279:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_MAGIC_ISLE: strcpy(Str4,"An island positively reeking of magic");
data/omega-rpg-0.90-pa9/gen1.c:281:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_STARPEAK: strcpy(Str4,"Near the oddly glowing peak of a mountain");
data/omega-rpg-0.90-pa9/gen1.c:283:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_VOLCANO: strcpy(Str4,"Deep within the bowels of the earth"); break;
data/omega-rpg-0.90-pa9/gen1.c:284:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_HIGHASTRAL: strcpy(Str4,"The High Astral Plane"); break;
data/omega-rpg-0.90-pa9/gen1.c:285:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_EARTHPLANE: strcpy(Str4,"The Plane of Earth"); break;
data/omega-rpg-0.90-pa9/gen1.c:286:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_WATERPLANE: strcpy(Str4,"The Plane of Water"); break;
data/omega-rpg-0.90-pa9/gen1.c:287:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_FIREPLANE: strcpy(Str4,"The Plane of Fire"); break;
data/omega-rpg-0.90-pa9/gen1.c:288:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_AIRPLANE: strcpy(Str4,"The Plane of Air"); break;
data/omega-rpg-0.90-pa9/gen1.c:289:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_KITCHEN: strcpy(Str4,"A kitchen"); break;
data/omega-rpg-0.90-pa9/gen1.c:290:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_BATHROOM: strcpy(Str4,"A bathroom"); break;
data/omega-rpg-0.90-pa9/gen1.c:291:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_BEDROOM: strcpy(Str4,"A bedroom"); break;
data/omega-rpg-0.90-pa9/gen1.c:292:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DININGROOM: strcpy(Str4,"A dining room"); break;
data/omega-rpg-0.90-pa9/gen1.c:293:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SECRETPASSAGE: strcpy(Str4,"A secret passage"); break;
data/omega-rpg-0.90-pa9/gen1.c:294:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CLOSET: strcpy(Str4,"A stuffy closet"); break;
data/omega-rpg-0.90-pa9/gen1.c:295:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ARENA: strcpy(Str4,"The Rampart Arena"); break;
data/omega-rpg-0.90-pa9/gen1.c:296:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DROWNED_SEWER: strcpy(Str4,"A water-filled sewer node"); break;
data/omega-rpg-0.90-pa9/gen1.c:297:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DRAINED_SEWER: strcpy(Str4,"An unused sewer node"); break;
data/omega-rpg-0.90-pa9/gen1.c:298:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SEWER_DUCT: strcpy(Str4,"A winding sewer duct"); break;
data/omega-rpg-0.90-pa9/gen1.c:299:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DESTINY: strcpy(Str4,"The Halls of Fate"); break;
data/omega-rpg-0.90-pa9/gen1.c:300:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DRUID: strcpy(Str4,"The Great Henge"); break;
data/omega-rpg-0.90-pa9/gen1.c:301:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_HECATE: strcpy(Str4,"The Church of the Far Side"); break;
data/omega-rpg-0.90-pa9/gen1.c:302:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SET: strcpy(Str4,"The Temple of the Black Hand"); break;
data/omega-rpg-0.90-pa9/gen1.c:303:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ATHENA: strcpy(Str4,"The Parthenon"); break;
data/omega-rpg-0.90-pa9/gen1.c:304:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ODIN: strcpy(Str4,"The Shrine of the Noose"); break;
data/omega-rpg-0.90-pa9/gen1.c:305:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ADEPT: strcpy(Str4,"The Adept's Challenge"); break;
data/omega-rpg-0.90-pa9/gen1.c:306:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_WYRM: strcpy(Str4,"The Sunken Cavern of the Great Wyrm."); break;
data/omega-rpg-0.90-pa9/gen1.c:307:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_OCEAN: strcpy(Str4,"The Underground Ocean."); break;
data/omega-rpg-0.90-pa9/gen1.c:308:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_PONDS: strcpy(Str4,"A series of subterranean pools and streams."); break;
data/omega-rpg-0.90-pa9/gen1.c:309:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DRAGONLORD: strcpy(Str4,"The Lair of the DragonLord."); break;
data/omega-rpg-0.90-pa9/gen1.c:310:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_GOBLINKING: strcpy(Str4,"The Caves of the Goblins."); break;
data/omega-rpg-0.90-pa9/gen1.c:311:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CAVERN: strcpy(Str4,"A vast natural cavern."); break;
data/omega-rpg-0.90-pa9/gen1.c:312:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CORRIDOR: strcpy(Str4,"A dimly lit corridor."); break;
data/omega-rpg-0.90-pa9/gen1.c:313:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_WALLSPACE: strcpy(Str4,"A niche hollowed out of the wall."); break;
data/omega-rpg-0.90-pa9/gen1.c:315:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_GARDEROBE: strcpy(Str4,"An abandoned garderobe."); break;
data/omega-rpg-0.90-pa9/gen1.c:316:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CELL: strcpy(Str4,"A dungeon cell."); break;
data/omega-rpg-0.90-pa9/gen1.c:317:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_TILED: strcpy(Str4,"A tiled chamber."); break;
data/omega-rpg-0.90-pa9/gen1.c:318:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CRYSTAL_CAVE: strcpy(Str4,"A crystal cavern."); break;
data/omega-rpg-0.90-pa9/gen1.c:319:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_BEDROOM2: strcpy(Str4,"Someone's bedroom."); break;
data/omega-rpg-0.90-pa9/gen1.c:320:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_STOREROOM: strcpy(Str4,"An old storeroom."); break;
data/omega-rpg-0.90-pa9/gen1.c:321:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_CHARRED: strcpy(Str4,"A room with charred walls."); break;
data/omega-rpg-0.90-pa9/gen1.c:322:24: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_MARBLE_HALL: strcpy(Str4,"A marble hall."); break;
data/omega-rpg-0.90-pa9/gen1.c:323:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_EERIE_CAVE: strcpy(Str4,"An eerie cave."); break;
data/omega-rpg-0.90-pa9/gen1.c:324:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_TREASURE: strcpy(Str4,"A ransacked treasure-chamber."); break;
data/omega-rpg-0.90-pa9/gen1.c:325:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SMOKEY: strcpy(Str4,"A smoke-filled room."); break;
data/omega-rpg-0.90-pa9/gen1.c:326:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_APARTMENT: strcpy(Str4,"A well-appointed apartment."); break;
data/omega-rpg-0.90-pa9/gen1.c:327:24: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ANTECHAMBER: strcpy(Str4,"An antechamber."); break;
data/omega-rpg-0.90-pa9/gen1.c:328:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_HAREM: strcpy(Str4,"An unoccupied harem."); break;
data/omega-rpg-0.90-pa9/gen1.c:329:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_MULTIPURPOSE: strcpy(Str4,"A multi-purpose room."); break;
data/omega-rpg-0.90-pa9/gen1.c:330:24: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_STALACTITES: strcpy(Str4,"A room filled with stalactites."); break;
data/omega-rpg-0.90-pa9/gen1.c:331:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_GREENHOUSE: strcpy(Str4,"An underground greenhouse."); break;
data/omega-rpg-0.90-pa9/gen1.c:332:24: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_WATERCLOSET: strcpy(Str4,"A water closet."); break;
data/omega-rpg-0.90-pa9/gen1.c:333:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_STUDY: strcpy(Str4,"A study."); break;
data/omega-rpg-0.90-pa9/gen1.c:334:24: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_LIVING_ROOM: strcpy(Str4,"A living room."); break;
data/omega-rpg-0.90-pa9/gen1.c:335:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_DEN: strcpy(Str4,"A comfortable den."); break;
data/omega-rpg-0.90-pa9/gen1.c:336:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_ABATOIR: strcpy(Str4,"An abatoir."); break;
data/omega-rpg-0.90-pa9/gen1.c:337:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_BOUDOIR: strcpy(Str4,"A boudoir.");break;
data/omega-rpg-0.90-pa9/gen1.c:338:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_STAR_CHAMBER: strcpy(Str4,"A star chamber.");break;
data/omega-rpg-0.90-pa9/gen1.c:339:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_MANMADE_CAVE: strcpy(Str4,"A manmade cavern."); break;
data/omega-rpg-0.90-pa9/gen1.c:340:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SEWER_CONTROL: strcpy(Str4,"A sewer control room");break;
data/omega-rpg-0.90-pa9/gen1.c:341:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_SHRINE: strcpy(Str4,"A shrine to High Magic"); break;
data/omega-rpg-0.90-pa9/gen1.c:342:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_MAGIC_LAB: strcpy(Str4,"A magic laboratory"); break;
data/omega-rpg-0.90-pa9/gen1.c:343:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_PENTAGRAM: strcpy(Str4,"A room with inscribed pentagram");break;
data/omega-rpg-0.90-pa9/gen1.c:344:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case RS_OMEGA_DAIS: strcpy(Str4,"A chamber with a blue crystal omega dais");
data/omega-rpg-0.90-pa9/gen1.c:347:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(Str4,"A room of mystery and allure"); break;
data/omega-rpg-0.90-pa9/genclr.c:200:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen (file, "w");
data/omega-rpg-0.90-pa9/genclr.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024], *p;
data/omega-rpg-0.90-pa9/glob.h:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char SaveFileName[80];
data/omega-rpg-0.90-pa9/glob.h:205:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Stringbuffer[STRING_BUFFER_SIZE][80];
data/omega-rpg-0.90-pa9/glob.h:255:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Password[64];
data/omega-rpg-0.90-pa9/glob.h:264:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Str1[STRING_LEN],Str2[STRING_LEN],Str3[STRING_LEN],Str4[STRING_LEN];
data/omega-rpg-0.90-pa9/glob.h:275:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Shadowlord[80],Archmage[80],Prime[80],Commandant[80],Duke[80];
data/omega-rpg-0.90-pa9/glob.h:276:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Champion[80],Priest[7][80],Hiscorer[80],Hidescrip[80];
data/omega-rpg-0.90-pa9/glob.h:277:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Chaoslord[80],Lawlord[80],Justiciar[80],Grandmaster[80];
data/omega-rpg-0.90-pa9/guild1.c:485:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,", the arena champion");
data/omega-rpg-0.90-pa9/guild1.c:488:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The corpse of ");
data/omega-rpg-0.90-pa9/guild1.c:502:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Arena_Monster->meleestr,"L?R?");
data/omega-rpg-0.90-pa9/guild1.c:519:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," the ");
data/omega-rpg-0.90-pa9/guild1.c:522:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The corpse of ");
data/omega-rpg-0.90-pa9/inv.c:221:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[80];
data/omega-rpg-0.90-pa9/inv.c:237:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4, "the ");
data/omega-rpg-0.90-pa9/inv.c:243:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4, "the ");
data/omega-rpg-0.90-pa9/inv.c:245:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4, "disenchanted ");
data/omega-rpg-0.90-pa9/inv.c:247:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4, "cursed ");
data/omega-rpg-0.90-pa9/inv.c:251:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4, "blessed ");
data/omega-rpg-0.90-pa9/inv.c:321:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(nstr,"lots of ");
data/omega-rpg-0.90-pa9/inv.c:393:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"The ");
data/omega-rpg-0.90-pa9/inv.c:400:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3," takes your gift");
data/omega-rpg-0.90-pa9/inv.c:420:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3," wolfs down your food ... ");
data/omega-rpg-0.90-pa9/inv.c:436:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3," spurns your offering and leaves it on the ground.");
data/omega-rpg-0.90-pa9/inv.c:442:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3," doesn't care for your offering and drops it.");
data/omega-rpg-0.90-pa9/inv.c:549:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invstr[64];
data/omega-rpg-0.90-pa9/inv.c:550:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selectstr[80];
data/omega-rpg-0.90-pa9/inv.c:593:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(selectstr, "Select an item. (");
data/omega-rpg-0.90-pa9/inv.c:1001:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, "Your ");
data/omega-rpg-0.90-pa9/inv.c:1004:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, " look like ");
data/omega-rpg-0.90-pa9/inv.c:1006:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, " looks like a");
data/omega-rpg-0.90-pa9/inv.c:1011:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, "n ");
data/omega-rpg-0.90-pa9/inv.c:1185:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, "Your ");
data/omega-rpg-0.90-pa9/inv.c:1188:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, " look like ");
data/omega-rpg-0.90-pa9/inv.c:1190:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, " looks like a");
data/omega-rpg-0.90-pa9/inv.c:1195:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, "n ");
data/omega-rpg-0.90-pa9/itemf3.c:601:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Str1, "You bag of holding currently holds %d items.\n", o->aux );
data/omega-rpg-0.90-pa9/map.c:166:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3,"maps.dat");
data/omega-rpg-0.90-pa9/map.c:180:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str3,"maps.dat");
data/omega-rpg-0.90-pa9/mmelee.c:11:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"a ");
data/omega-rpg-0.90-pa9/mmelee.c:30:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"The ");
data/omega-rpg-0.90-pa9/mmelee.c:35:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4," attacks ");
data/omega-rpg-0.90-pa9/mmelee.c:41:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str4," lunges ");
data/omega-rpg-0.90-pa9/mmelee.c:64:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mmelee.c:71:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," touches you.");
data/omega-rpg-0.90-pa9/mmelee.c:75:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hits you.");
data/omega-rpg-0.90-pa9/mmelee.c:80:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hits you.");
data/omega-rpg-0.90-pa9/mmelee.c:86:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," blasts you with fire.");
data/omega-rpg-0.90-pa9/mmelee.c:91:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hits you and blasts you with fire.");
data/omega-rpg-0.90-pa9/mmelee.c:97:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," lashes you with electricity.");
data/omega-rpg-0.90-pa9/mmelee.c:102:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," freezes you with cold.");
data/omega-rpg-0.90-pa9/mmelee.c:107:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hits you.");
data/omega-rpg-0.90-pa9/mmelee.c:116:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," grabs you.");
data/omega-rpg-0.90-pa9/mmelee.c:122:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," touches you.");
data/omega-rpg-0.90-pa9/mmelee.c:128:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hits you.");
data/omega-rpg-0.90-pa9/mmelee.c:137:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," hit you.");
data/omega-rpg-0.90-pa9/mmelee.c:147:29: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (random_range(10)) strcat(Str2," missed you.");
data/omega-rpg-0.90-pa9/mmelee.c:152:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," blundered severely.");
data/omega-rpg-0.90-pa9/mmelee.c:155:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," tripped while attacking.");m_dropstuff(m);break;
data/omega-rpg-0.90-pa9/mmelee.c:157:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," seems seriously confused.");
data/omega-rpg-0.90-pa9/mmelee.c:160:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," missed you.");
data/omega-rpg-0.90-pa9/mmelee.c:164:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0: strcat(Str2," flailed stupidly at you."); break;
data/omega-rpg-0.90-pa9/mmelee.c:165:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1: strcat(Str2," made you laugh."); break;
data/omega-rpg-0.90-pa9/mmelee.c:166:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2: strcat(Str2," blundered severely.");
data/omega-rpg-0.90-pa9/mmelee.c:168:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3: strcat(Str2," tripped while attacking.");m_dropstuff(m);break;
data/omega-rpg-0.90-pa9/mmelee.c:169:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4: strcat(Str2," seems seriously confused.");
data/omega-rpg-0.90-pa9/mmelee.c:171:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5: strcat(Str2," is seriously ashamed."); break;
data/omega-rpg-0.90-pa9/mmelee.c:172:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6: strcat(Str2," made a boo-boo."); break;
data/omega-rpg-0.90-pa9/mmelee.c:173:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 7: strcat(Str2," blundered."); break;
data/omega-rpg-0.90-pa9/mmelee.c:174:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 8: strcat(Str2," cries out in anger and frustration."); break;
data/omega-rpg-0.90-pa9/mmelee.c:175:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 9: strcat(Str2," curses your ancestry."); break;
data/omega-rpg-0.90-pa9/mmelee.c:225:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mmstr[80];
data/omega-rpg-0.90-pa9/mmelee.c:272:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(m->meleestr,"L?R?");
data/omega-rpg-0.90-pa9/mmove.c:33:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mmove.c:38:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," drops its treasure and flees!");
data/omega-rpg-0.90-pa9/mmove.c:41:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(Str2," flees!");
data/omega-rpg-0.90-pa9/mmove.c:213:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mmove.c:217:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," vanishes in the twinkling of an eye!");
data/omega-rpg-0.90-pa9/mmove.c:246:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1, "The ");
data/omega-rpg-0.90-pa9/mmove.c:251:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1, " releases the dog's chain!");
data/omega-rpg-0.90-pa9/mon.c:114:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:117:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," ignores the attack!");
data/omega-rpg-0.90-pa9/mon.c:148:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:151:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," is dead! ");
data/omega-rpg-0.90-pa9/mon.c:618:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The body of ");
data/omega-rpg-0.90-pa9/mon.c:697:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"Malaprop the Misnamed");
data/omega-rpg-0.90-pa9/mon.c:700:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1,"omega.log");
data/omega-rpg-0.90-pa9/mon.c:719:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"ghost named ");
data/omega-rpg-0.90-pa9/mon.c:723:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"haunt named ");
data/omega-rpg-0.90-pa9/mon.c:727:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"spectre named ");
data/omega-rpg-0.90-pa9/mon.c:731:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"lich named ");
data/omega-rpg-0.90-pa9/mon.c:735:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"the mortal remains of ");
data/omega-rpg-0.90-pa9/mon.c:742:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3,"the corpse of ");
data/omega-rpg-0.90-pa9/mon.c:756:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:759:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was hit by a dart!");
data/omega-rpg-0.90-pa9/mon.c:772:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:775:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," fell into a pit!");
data/omega-rpg-0.90-pa9/mon.c:791:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:794:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," fell into a trap door!");
data/omega-rpg-0.90-pa9/mon.c:804:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:808:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:811:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," fell into the infinite abyss!");
data/omega-rpg-0.90-pa9/mon.c:825:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:831:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:834:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was caught in a snare!");
data/omega-rpg-0.90-pa9/mon.c:842:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:848:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:851:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was hit by a blade trap!");
data/omega-rpg-0.90-pa9/mon.c:858:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:864:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:867:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was hit by a fire trap!");
data/omega-rpg-0.90-pa9/mon.c:876:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:880:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:883:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," was blasted by fire!");
data/omega-rpg-0.90-pa9/mon.c:891:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:897:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:900:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walked into a teleport trap!");
data/omega-rpg-0.90-pa9/mon.c:908:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:912:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:915:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walked into a disintegration trap!");
data/omega-rpg-0.90-pa9/mon.c:925:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:929:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:932:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walked into a sleepgas trap!");
data/omega-rpg-0.90-pa9/mon.c:942:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:946:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:949:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walked into an acid bath trap!");
data/omega-rpg-0.90-pa9/mon.c:959:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:963:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:966:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walked into a manadrain trap!");
data/omega-rpg-0.90-pa9/mon.c:977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:984:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:987:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," drowned!");
data/omega-rpg-0.90-pa9/mon.c:997:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:1001:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:1004:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," fell into the infinite abyss!");
data/omega-rpg-0.90-pa9/mon.c:1013:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[80];
data/omega-rpg-0.90-pa9/mon.c:1019:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:1022:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," died in a pool of lava!");
data/omega-rpg-0.90-pa9/mon.c:1038:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The ");
data/omega-rpg-0.90-pa9/mon.c:1041:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str1," walks next to an altar...");
data/omega-rpg-0.90-pa9/move.c:454:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open) print1("You hear the sound of steel on stone!");
data/omega-rpg-0.90-pa9/mspec.c:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char action[80];
data/omega-rpg-0.90-pa9/mspec.c:137:34: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (m->uniqueness == COMMON) strcpy(action,"The ");
data/omega-rpg-0.90-pa9/mspec.c:140:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(action," casts a spell...");
data/omega-rpg-0.90-pa9/mspec.c:199:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"a ");
data/omega-rpg-0.90-pa9/mspec.c:264:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mspec.c:268:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," runs away screaming for help....");
data/omega-rpg-0.90-pa9/mspec.c:421:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"were-");
data/omega-rpg-0.90-pa9/mspec.c:423:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"dead were-");
data/omega-rpg-0.90-pa9/mspec.c:635:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mspec.c:639:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," suddenly runs away for some reason.");
data/omega-rpg-0.90-pa9/mspec.c:669:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mspec.c:673:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," emits an irritating humming sound.");
data/omega-rpg-0.90-pa9/mstrike.c:43:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mstrike.c:47:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," gazes at you menacingly");
data/omega-rpg-0.90-pa9/mstrike.c:65:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mstrike.c:69:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," screams at you!");
data/omega-rpg-0.90-pa9/mtalk.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:111:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," does not reply. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:112:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," shrugs silently. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:113:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," holds a finger to his mouth. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:114:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," glares at you but says nothing. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:115:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4:strcat(Str2," is not going to answer you. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:116:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5:strcat(Str2," has taken a vow of silence. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:117:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6:strcat(Str2," attempts sign language. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:118:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 7:strcat(Str2," fails to respond."); break;
data/omega-rpg-0.90-pa9/mtalk.c:128:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:133:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," looks at you with mute incomprehension."); break;
data/omega-rpg-0.90-pa9/mtalk.c:134:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," growls menacingly and ignores you."); break;
data/omega-rpg-0.90-pa9/mtalk.c:135:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," does not seem to have heard you."); break;
data/omega-rpg-0.90-pa9/mtalk.c:136:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," tries to pretend it didn't hear you."); break;
data/omega-rpg-0.90-pa9/mtalk.c:146:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:151:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," says: Give me a treasure.... ");break;
data/omega-rpg-0.90-pa9/mtalk.c:152:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," says: Stand and deliver, knave! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:153:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," says: Your money or your life! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:154:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," says: Yield or Die! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:169:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," says: I hunger, foolish adventurer! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:170:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," drools menacingly at you. "); break;
data/omega-rpg-0.90-pa9/mtalk.c:171:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," says: You're invited to be lunch! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:172:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," says: Feeed Meee! "); break;
data/omega-rpg-0.90-pa9/mtalk.c:240:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:244:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," titters obscenely at you.");
data/omega-rpg-0.90-pa9/mtalk.c:337:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:342:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," asks you for the way home."); break;
data/omega-rpg-0.90-pa9/mtalk.c:343:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," wishes you a pleasant day."); break;
data/omega-rpg-0.90-pa9/mtalk.c:344:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," sneers at you contemptuously."); break;
data/omega-rpg-0.90-pa9/mtalk.c:345:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," smiles and nods."); break;
data/omega-rpg-0.90-pa9/mtalk.c:346:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4:strcat(Str2," tells you a joke."); break;
data/omega-rpg-0.90-pa9/mtalk.c:356:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:361:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," says: 'THERE CAN BE ONLY ONE!'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:362:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," says: 'Prepare to die, Buckwheat!'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:363:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," says: 'Time to die!'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:364:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," says: 'There will be no mercy.'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:365:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 4:strcat(Str2," insults your mother-in-law."); break;
data/omega-rpg-0.90-pa9/mtalk.c:366:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 5:strcat(Str2," says: 'Kurav tu ando mul!'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:367:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 6:strcat(Str2," says: '!va al infierno!'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:368:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 7:strcat(Str2," says: 'dame desu, nee.'"); break;
data/omega-rpg-0.90-pa9/mtalk.c:369:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 8:strcat(Str2," spits on your rug and calls your cat a bastard.");
data/omega-rpg-0.90-pa9/mtalk.c:371:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 9:strcat(Str2," snickers malevolently and draws a weapon."); break;
data/omega-rpg-0.90-pa9/mtalk.c:372:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 10:strcat(Str2," sends 'rm -r *' to your shell!"); break;
data/omega-rpg-0.90-pa9/mtalk.c:373:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 11:strcat(Str2," tweaks your nose and cackles evilly."); break;
data/omega-rpg-0.90-pa9/mtalk.c:374:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 12:strcat(Str2," thumbs you in the eyes."); break;
data/omega-rpg-0.90-pa9/mtalk.c:375:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 13:strcat(Str2," kicks you in the groin."); break;
data/omega-rpg-0.90-pa9/mtalk.c:384:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:389:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 0:strcat(Str2," says: 'exterminate...Exterminate...EXTERMINATE!!!'");
data/omega-rpg-0.90-pa9/mtalk.c:391:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 1:strcat(Str2," says: 'Kill ... Crush ... Destroy'");
data/omega-rpg-0.90-pa9/mtalk.c:393:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 2:strcat(Str2," says: 'Danger -- Danger'");
data/omega-rpg-0.90-pa9/mtalk.c:395:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case 3:strcat(Str2," says: 'Yo Mama -- core dumped.'");
data/omega-rpg-0.90-pa9/mtalk.c:418:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:422:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," burbles hatefully at you.");
data/omega-rpg-0.90-pa9/mtalk.c:430:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:434:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," asks you for alms.");
data/omega-rpg-0.90-pa9/mtalk.c:442:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:447:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," only sneers at you. ");
data/omega-rpg-0.90-pa9/mtalk.c:451:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," whispers in your ear: ");
data/omega-rpg-0.90-pa9/mtalk.c:503:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:509:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2, " notices your disinterest and leaves with a pout.");
data/omega-rpg-0.90-pa9/mtalk.c:514:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," beckons seductively...");
data/omega-rpg-0.90-pa9/mtalk.c:521:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:523:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," shows you a good time....");
data/omega-rpg-0.90-pa9/mtalk.c:536:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:542:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2, " notices your disinterest and changes with a snarl...");
data/omega-rpg-0.90-pa9/mtalk.c:548:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," beckons seductively...");
data/omega-rpg-0.90-pa9/mtalk.c:555:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:559:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," shows you a good time....");
data/omega-rpg-0.90-pa9/mtalk.c:582:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/mtalk.c:586:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Str2," laughs insanely.");
data/omega-rpg-0.90-pa9/mtalk.c:665:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str2,"The ");
data/omega-rpg-0.90-pa9/omega.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SaveFileName[80];
data/omega-rpg-0.90-pa9/omega.c:121:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Stringbuffer[STRING_BUFFER_SIZE][80]; /* last strings printed */
data/omega-rpg-0.90-pa9/omega.c:146:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Password[64]; /* autoteller password */
data/omega-rpg-0.90-pa9/omega.c:148:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Password[64] = {0}; /* autoteller password */
data/omega-rpg-0.90-pa9/omega.c:152:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[STRING_LEN],Str2[STRING_LEN],Str3[STRING_LEN],Str4[STRING_LEN];
data/omega-rpg-0.90-pa9/omega.c:154:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str1[STRING_LEN] = {0},Str2[STRING_LEN] = {0},Str3[STRING_LEN] = {0},Str4[STRING_LEN] = {0};
data/omega-rpg-0.90-pa9/omega.c:168:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Grandmaster[80];
data/omega-rpg-0.90-pa9/omega.c:169:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Shadowlord[80],Archmage[80],Prime[80],Commandant[80],Duke[80];
data/omega-rpg-0.90-pa9/omega.c:170:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Champion[80],Priest[7][80],Hiscorer[80],Hidescrip[80];
data/omega-rpg-0.90-pa9/omega.c:171:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Chaoslord[80],Lawlord[80],Justiciar[80];
data/omega-rpg-0.90-pa9/omega.c:176:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Grandmaster[80] = {0};
data/omega-rpg-0.90-pa9/omega.c:181:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Shadowlord[80] = {0},Archmage[80] = {0},Prime[80] = {0},Commandant[80] = {0},Duke[80] = {0};
data/omega-rpg-0.90-pa9/omega.c:182:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Champion[80] = {0},Priest[7][80] = {0},Hiscorer[80] = {0},Hidescrip[80] = {0};
data/omega-rpg-0.90-pa9/omega.c:183:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Chaoslord[80] = {0},Lawlord[80] = {0},Justiciar[80] = {0};
data/omega-rpg-0.90-pa9/omega.c:297:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( SaveFileName, "Omega%d", getuid() );
data/omega-rpg-0.90-pa9/omega.c:299:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( SaveFileName,"Omega");
data/omega-rpg-0.90-pa9/omega.c:313:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( SaveFileName,"Omega");
data/omega-rpg-0.90-pa9/omega.c:381:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
DG_debug_log = fopen( "/tmp/omega_dbg_log", "a" );
data/omega-rpg-0.90-pa9/omega.c:388:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Stringbuffer[count],"<nothing>");
data/omega-rpg-0.90-pa9/pdump.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dump_buf[ 100 ];
data/omega-rpg-0.90-pa9/pdump.c:44:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *legion_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arena_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *college_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nobility_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *circle_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:94:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *order_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:104:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *thieves_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:114:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *priesthood_ranks[ 6 ] =
data/omega-rpg-0.90-pa9/pdump.c:124:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *patron_names[ 7 ] =
data/omega-rpg-0.90-pa9/pdump.c:135:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *monk_ranks[8] =
data/omega-rpg-0.90-pa9/pdump.c:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dump_name[ 32 ];
data/omega-rpg-0.90-pa9/pdump.c:154:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( dump_name, ".txt" );
data/omega-rpg-0.90-pa9/pdump.c:159:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dumpfile = fopen( dump_name, "w" );
data/omega-rpg-0.90-pa9/pdump.c:212:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( buf, "(nothing)\n" );
data/omega-rpg-0.90-pa9/pdump.c:228:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "a) Ready hand : " );
data/omega-rpg-0.90-pa9/pdump.c:233:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "b) Weapon hand : " );
data/omega-rpg-0.90-pa9/pdump.c:238:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "c) Left shoulder : " );
data/omega-rpg-0.90-pa9/pdump.c:243:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "d) Right shoulder : " );
data/omega-rpg-0.90-pa9/pdump.c:248:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "e) Belt : " );
data/omega-rpg-0.90-pa9/pdump.c:253:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "f) Belt : " );
data/omega-rpg-0.90-pa9/pdump.c:258:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "g) Belt : " );
data/omega-rpg-0.90-pa9/pdump.c:263:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "h) Shield : " );
data/omega-rpg-0.90-pa9/pdump.c:268:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "i) Armor : " );
data/omega-rpg-0.90-pa9/pdump.c:273:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "j) Boots : " );
data/omega-rpg-0.90-pa9/pdump.c:278:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "k) Cloak : " );
data/omega-rpg-0.90-pa9/pdump.c:283:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "l) Finger : " );
data/omega-rpg-0.90-pa9/pdump.c:288:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "m) Finger : " );
data/omega-rpg-0.90-pa9/pdump.c:293:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "n) Finger : " );
data/omega-rpg-0.90-pa9/pdump.c:298:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "o) Finger : " );
data/omega-rpg-0.90-pa9/pdump.c:303:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "\n[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:329:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "\n[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:356:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "\n[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:412:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ LEGION ] );
data/omega-rpg-0.90-pa9/pdump.c:423:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "%d opponents defeated\n", Arena_Opponent - 3 );
data/omega-rpg-0.90-pa9/pdump.c:437:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ COLLEGE ] );
data/omega-rpg-0.90-pa9/pdump.c:451:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "1st quest undertaken\n" );
data/omega-rpg-0.90-pa9/pdump.c:467:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ CIRCLE ] );
data/omega-rpg-0.90-pa9/pdump.c:483:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ ORDER ] );
data/omega-rpg-0.90-pa9/pdump.c:497:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ THIEVES ] );
data/omega-rpg-0.90-pa9/pdump.c:506:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp: %ld\n", Player.guildxp[ PRIESTHOOD ] );
data/omega-rpg-0.90-pa9/pdump.c:515:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cp, "Exp: %ld\n", Player.guildxp[MONKS]);
data/omega-rpg-0.90-pa9/pdump.c:525:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "\n[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:725:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:731:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "(None)\n\n" );
data/omega-rpg-0.90-pa9/pdump.c:840:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:846:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "(None)\n\n" );
data/omega-rpg-0.90-pa9/pdump.c:885:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:903:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( dump_buf, "[*] " );
data/omega-rpg-0.90-pa9/pdump.c:905:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( dump_buf, " character dump [*]\n\n" );
data/omega-rpg-0.90-pa9/pdump.c:916:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( cp, " (WIZARD)\n" );
data/omega-rpg-0.90-pa9/pdump.c:938:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Str : %5d [%d]", Player.str, Player.maxstr );
data/omega-rpg-0.90-pa9/pdump.c:942:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol += sprintf( cp, "HP : %5d [%d]", Player.hp, Player.maxhp );
data/omega-rpg-0.90-pa9/pdump.c:946:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Hit : %d\n", Player.hit );
data/omega-rpg-0.90-pa9/pdump.c:950:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Con : %5d [%d]", Player.con, Player.maxcon );
data/omega-rpg-0.90-pa9/pdump.c:954:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol += sprintf( cp, "Mana : %5ld [%ld]", Player.mana, Player.maxmana );
data/omega-rpg-0.90-pa9/pdump.c:958:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Damage : %d\n", Player.dmg );
data/omega-rpg-0.90-pa9/pdump.c:962:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Dex : %5d [%d]", Player.dex, Player.maxdex );
data/omega-rpg-0.90-pa9/pdump.c:966:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Defense : %d\n", Player.defense );
data/omega-rpg-0.90-pa9/pdump.c:970:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Agi : %5d [%d]", Player.agi, Player.maxagi );
data/omega-rpg-0.90-pa9/pdump.c:974:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Exp : %-10ld Armor : %d\n", Player.xp, Player.absorption );
data/omega-rpg-0.90-pa9/pdump.c:978:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Int : %5d [%d]", Player.iq, Player.maxiq );
data/omega-rpg-0.90-pa9/pdump.c:982:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Carry : %-10d Speed : %d.%d\n",
data/omega-rpg-0.90-pa9/pdump.c:987:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
curcol = sprintf( dump_buf, "Pow : %5d [%d]", Player.pow, Player.maxpow );
data/omega-rpg-0.90-pa9/pdump.c:991:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cp, "Capacity : %d\n\n", Player.maxweight );
data/omega-rpg-0.90-pa9/pdump.c:1002:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "Cash (carried/bank) : %ld / %ld\n", Player.cash, total_balance );
data/omega-rpg-0.90-pa9/pdump.c:1006:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "Current Point Total : %ld\n", calc_points() );
data/omega-rpg-0.90-pa9/pdump.c:1014:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dump_buf, "[Verification: %8.8lx]\n\n", dumpcheck );
data/omega-rpg-0.90-pa9/pdump.c:1095:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *alignment_level[ 8 ] =
data/omega-rpg-0.90-pa9/pdump.c:1112:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( Str3, "Chaos" );
data/omega-rpg-0.90-pa9/pdump.c:1114:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( Str3, "Law" );
data/omega-rpg-0.90-pa9/pdump.c:1137:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( Str2, "%ld years, ", years );
data/omega-rpg-0.90-pa9/pdump.c:1143:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( Str2, "%ld months, ", months );
data/omega-rpg-0.90-pa9/pdump.c:1149:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( Str2, "%ld days, ", days );
data/omega-rpg-0.90-pa9/pdump.c:1155:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( Str2, "%ld hours, ", hours );
data/omega-rpg-0.90-pa9/pdump.c:1161:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( Str2, "%ld minutes", minutes );
data/omega-rpg-0.90-pa9/save.c:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[200];
data/omega-rpg-0.90-pa9/save.c:75:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(savestr,"wb");
data/omega-rpg-0.90-pa9/save.c:540:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[200];
data/omega-rpg-0.90-pa9/save.c:555:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(savestr,"rb");
data/omega-rpg-0.90-pa9/save.c:588:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(savestr,"rb");
data/omega-rpg-0.90-pa9/save.c:647:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_buf[ 64 ];
data/omega-rpg-0.90-pa9/save.c:791:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[80];
data/omega-rpg-0.90-pa9/save.c:1186:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str1,"The body of ");
data/omega-rpg-0.90-pa9/save.c:1202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[80];
data/omega-rpg-0.90-pa9/scr.c:53:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char screenLine3[SL3_LEN];
data/omega-rpg-0.90-pa9/scr.c:1317:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char instring[80],byte='x';
data/omega-rpg-0.90-pa9/scr.c:1536:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"Killed by ");
data/omega-rpg-0.90-pa9/scr.c:1560:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"A total master of omega");
data/omega-rpg-0.90-pa9/scr.c:1563:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"retired a winner");
data/omega-rpg-0.90-pa9/scr.c:1584:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"A quitter.");
data/omega-rpg-0.90-pa9/scr.c:1603:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4,"retired, an Adept of Omega.");
data/omega-rpg-0.90-pa9/scr.c:1618:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numstr[20];
data/omega-rpg-0.90-pa9/scr.c:1619:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numstr,"%d",n);
data/omega-rpg-0.90-pa9/scr.c:1627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numstr[20];
data/omega-rpg-0.90-pa9/scr.c:1628:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numstr,"%ld",n);
data/omega-rpg-0.90-pa9/site1.c:45:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str4," :");
data/omega-rpg-0.90-pa9/site1.c:971:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Str3," :");
data/omega-rpg-0.90-pa9/spell.c:792:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte, prefix[80];
data/omega-rpg-0.90-pa9/tools/bwt.c:84:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BWT_temporaryBuffer, buffer, length);
data/omega-rpg-0.90-pa9/tools/bwt.c:85:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BWT_temporaryBuffer+length, buffer, length);
data/omega-rpg-0.90-pa9/tools/bwt.c:149:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( temporaryBuffer, buffer, length );
data/omega-rpg-0.90-pa9/tools/crypt.c:138:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
data = tmpfile();
data/omega-rpg-0.90-pa9/tools/crypt.c:142:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(args[1],"wb");
data/omega-rpg-0.90-pa9/tools/crypt.c:152:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(args[i],"r");
data/omega-rpg-0.90-pa9/tools/decrypt.c:107:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(args[3],"w");
data/omega-rpg-0.90-pa9/tools/decrypt.c:111:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
map = atoi(args[2]);
data/omega-rpg-0.90-pa9/tools/decrypt.c:113:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(args[1],"rb");
data/omega-rpg-0.90-pa9/util.c:913:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char joinString[256], temp[256];
data/omega-rpg-0.90-pa9/aux1.c:59:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Str1,"");
data/omega-rpg-0.90-pa9/aux1.c:60:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Str2,"");
data/omega-rpg-0.90-pa9/aux1.c:106:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Str2,"");
data/omega-rpg-0.90-pa9/aux1.c:122:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Str1,")");
data/omega-rpg-0.90-pa9/aux1.c:124:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(Str2) == 0 || Current_Environment == E_MANSION ||
data/omega-rpg-0.90-pa9/aux1.c:376:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Player.meleestr) > 2*maneuvers())
data/omega-rpg-0.90-pa9/aux2.c:655:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (i < strlen(Player.meleestr)) {
data/omega-rpg-0.90-pa9/aux2.c:714:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (i<strlen(m->meleestr)) {
data/omega-rpg-0.90-pa9/aux3.c:973:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sitenames[f]) < pos || sitenames[f][pos] < byte))
data/omega-rpg-0.90-pa9/aux3.c:976:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sitenames[l]) < pos || sitenames[l][pos] > byte))
data/omega-rpg-0.90-pa9/bank.c:118:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_account->password = checkmalloc(1 + strlen(password));
data/omega-rpg-0.90-pa9/bank.c:563:11: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/omega-rpg-0.90-pa9/char.c:27:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!lname || strlen(lname) == 0)
data/omega-rpg-0.90-pa9/char.c:497:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/char.c:499:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/char.c:501:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/char.c:503:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/command2.c:268:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Str1,":");
data/omega-rpg-0.90-pa9/command2.c:1008:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fname) > FNAME_MAX_LEN)
data/omega-rpg-0.90-pa9/command2.c:1018:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fname) > FNAME_MAX_LEN - EXT_LENGTH - 1)
data/omega-rpg-0.90-pa9/command3.c:517:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!lname || strlen(lname) == 0)
data/omega-rpg-0.90-pa9/command3.c:850:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Str1) == 0)
data/omega-rpg-0.90-pa9/compress.c:547:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(*fileptr + strlen(*fileptr) - 1, "Z") != 0) {
data/omega-rpg-0.90-pa9/compress.c:550:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempname, "Z");
data/omega-rpg-0.90-pa9/compress.c:561:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((getc(infile) != (magic_header[0] & 0xFF))
data/omega-rpg-0.90-pa9/compress.c:562:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
|| (getc(infile) != (magic_header[1] & 0xFF))) {
data/omega-rpg-0.90-pa9/compress.c:568:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
maxbits = getc(infile); /* set -b from file */
data/omega-rpg-0.90-pa9/compress.c:582:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ofname[strlen(*fileptr) - 1] = '\0'; /* Strip off .Z */
data/omega-rpg-0.90-pa9/compress.c:584:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(*fileptr + strlen(*fileptr) - 1, "Z") == 0) {
data/omega-rpg-0.90-pa9/compress.c:619:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) > 12) {
data/omega-rpg-0.90-pa9/compress.c:625:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ofname, "Z");
data/omega-rpg-0.90-pa9/compress.c:637:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(2, response, 2);
data/omega-rpg-0.90-pa9/compress.c:639:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(2, response+1, 1) < 0) { /* Ack! */
data/omega-rpg-0.90-pa9/compress.c:737:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ent = getc (infile);
data/omega-rpg-0.90-pa9/compress.c:748:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (c = getc(infile)) != (unsigned) EOF ) {
data/omega-rpg-0.90-pa9/compress.c:750:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (c = getc(infile)) != EOF ) {
data/omega-rpg-0.90-pa9/extern.h:1132:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
void usleep( int );
data/omega-rpg-0.90-pa9/file.c:202:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(lock, Str1, strlen(Str1));
data/omega-rpg-0.90-pa9/file.c:459:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte=fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:464:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte=fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:527:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
endpos = strlen(Str1);
data/omega-rpg-0.90-pa9/file.c:539:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
endpos = strlen(Str1);
data/omega-rpg-0.90-pa9/file.c:575:6: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getchar()=='y') return(-1);
data/omega-rpg-0.90-pa9/file.c:589:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:601:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:625:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:638:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/omega-rpg-0.90-pa9/file.c:661:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(deststr) == 0) {
data/omega-rpg-0.90-pa9/fixstr.c:83:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(sourcefp)) != EOF)
data/omega-rpg-0.90-pa9/fixstr.c:96:41: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (temp = temp_string; (*temp = getc(sourcefp)) != '"';
data/omega-rpg-0.90-pa9/gen2.c:89:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(terrain);
data/omega-rpg-0.90-pa9/genclr.c:352:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (pair->ofg) + strlen (pair->obg) > 10 ? "" : "\t",
data/omega-rpg-0.90-pa9/genclr.c:352:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (pair->ofg) + strlen (pair->obg) > 10 ? "" : "\t",
data/omega-rpg-0.90-pa9/guild1.c:500:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Arena_Monster->meleestr,"");
data/omega-rpg-0.90-pa9/inv.c:255:28: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (obj->number > 1) strcat(Str4,"s");
data/omega-rpg-0.90-pa9/inv.c:269:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
default: strcat(Str4,""); break;
data/omega-rpg-0.90-pa9/inv.c:596:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(selectstr);
data/omega-rpg-0.90-pa9/inv.c:1013:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Str1, " ");
data/omega-rpg-0.90-pa9/inv.c:1197:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Str1, " ");
data/omega-rpg-0.90-pa9/map.c:52:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(f) &0x000000FF;
data/omega-rpg-0.90-pa9/map.c:53:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) << 8) &0x0000FF00;
data/omega-rpg-0.90-pa9/map.c:54:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) <<16) &0x00FF0000;
data/omega-rpg-0.90-pa9/map.c:55:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) <<24) &0xFF000000;
data/omega-rpg-0.90-pa9/map.c:68:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(f) &0x000000FF;
data/omega-rpg-0.90-pa9/map.c:69:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) << 8) &0x0000FF00;
data/omega-rpg-0.90-pa9/map.c:137:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
version = fgetc(in); /* The file version */
data/omega-rpg-0.90-pa9/map.c:147:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m->width = fgetc(in); m->length = fgetc(in); m->depth = fgetc(in);
data/omega-rpg-0.90-pa9/map.c:147:39: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m->width = fgetc(in); m->length = fgetc(in); m->depth = fgetc(in);
data/omega-rpg-0.90-pa9/map.c:147:62: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m->width = fgetc(in); m->length = fgetc(in); m->depth = fgetc(in);
data/omega-rpg-0.90-pa9/mmelee.c:28:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((i < strlen(m->meleestr)) && (m->hp > 0)) {
data/omega-rpg-0.90-pa9/mmelee.c:189:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (i<strlen(Player.meleestr)) {
data/omega-rpg-0.90-pa9/mmelee.c:234:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (i<strlen(Player.meleestr)) {
data/omega-rpg-0.90-pa9/mmelee.c:270:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m->meleestr,"");
data/omega-rpg-0.90-pa9/mmelee.c:276:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (i<strlen(m->meleestr)) {
data/omega-rpg-0.90-pa9/mon.c:710:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Str2[strlen(Str2) - 1] = '\0'; /* 'cos fgets reads in the \n */
data/omega-rpg-0.90-pa9/move.c:709:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/mspec.c:138:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
else strcpy(action,"");
data/omega-rpg-0.90-pa9/omega.c:304:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(SaveFileName,argv[optind],sizeof(SaveFileName)-1);
data/omega-rpg-0.90-pa9/omega.c:310:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( SaveFileName, argv[1], sizeof(SaveFileName)-1);
data/omega-rpg-0.90-pa9/omega.c:418:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Password,"");
data/omega-rpg-0.90-pa9/pdump.c:153:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( dump_name, Player.name, 27 );
data/omega-rpg-0.90-pa9/pdump.c:216:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:387:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen( buf );
data/omega-rpg-0.90-pa9/pdump.c:427:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( dump_buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:471:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( dump_buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:487:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( dump_buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:538:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen( s );
data/omega-rpg-0.90-pa9/pdump.c:542:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( dump_buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:571:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( dump_buf, "\n" );
data/omega-rpg-0.90-pa9/pdump.c:912:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( 72 > strlen( dump_buf ) )
data/omega-rpg-0.90-pa9/save.c:58:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (slashpos = strlen(savestr); slashpos > 0 && savestr[slashpos] != '/';
data/omega-rpg-0.90-pa9/save.c:132:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, "Z");
data/omega-rpg-0.90-pa9/save.c:136:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp," ");
data/omega-rpg-0.90-pa9/save.c:570:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, "Z");
data/omega-rpg-0.90-pa9/save.c:579:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp," ");
data/omega-rpg-0.90-pa9/scr.c:431:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (x+strlen(s) >= ScreenWidth) {
data/omega-rpg-0.90-pa9/scr.c:480:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = malloc(strlen(OMEGALIB) + strlen(TILEFILE) + 1);
data/omega-rpg-0.90-pa9/scr.c:480:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = malloc(strlen(OMEGALIB) + strlen(TILEFILE) + 1);
data/omega-rpg-0.90-pa9/scr.c:707:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(choices && strlen(choices) > 0);
data/omega-rpg-0.90-pa9/scr.c:727:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(choices && strlen(choices) > 0);
data/omega-rpg-0.90-pa9/scr.c:1305:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(150000);
data/omega-rpg-0.90-pa9/scr.c:1308:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(150000);
data/omega-rpg-0.90-pa9/scr.c:1738:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/omega-rpg-0.90-pa9/scr.c:1757:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/omega-rpg-0.90-pa9/scr.c:1776:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/omega-rpg-0.90-pa9/scr.c:2192:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Stringbuffer[pos]) + strlen(s) < 80 - 1) {
data/omega-rpg-0.90-pa9/scr.c:2192:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Stringbuffer[pos]) + strlen(s) < 80 - 1) {
data/omega-rpg-0.90-pa9/site1.c:343:8: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/site1.c:409:8: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(250000);
data/omega-rpg-0.90-pa9/spell.c:850:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(spell_names[f]) < pos || spell_names[f][pos] < byte))
data/omega-rpg-0.90-pa9/spell.c:853:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(spell_names[l]) < pos || spell_names[l][pos] > byte))
data/omega-rpg-0.90-pa9/tools/crypt.c:199:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(code+size) != x+1 && code[size+x] != '\n' )
data/omega-rpg-0.90-pa9/tools/crypt.c:201:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
y, strlen(code+size)-1, x );
data/omega-rpg-0.90-pa9/tools/crypt.c:215:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(in);
data/omega-rpg-0.90-pa9/tools/crypt.c:222:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(in);
data/omega-rpg-0.90-pa9/tools/crypt.c:231:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(data);
data/omega-rpg-0.90-pa9/tools/decrypt.c:34:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(f) &0x000000FF;
data/omega-rpg-0.90-pa9/tools/decrypt.c:35:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) << 8) &0x0000FF00;
data/omega-rpg-0.90-pa9/tools/decrypt.c:36:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) <<16) &0x00FF0000;
data/omega-rpg-0.90-pa9/tools/decrypt.c:37:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) <<24) &0xFF000000;
data/omega-rpg-0.90-pa9/tools/decrypt.c:50:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(f) &0x000000FF;
data/omega-rpg-0.90-pa9/tools/decrypt.c:51:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x|= (fgetc(f) << 8) &0x0000FF00;
data/omega-rpg-0.90-pa9/tools/decrypt.c:117:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
version = fgetc(in); /* The file version */
data/omega-rpg-0.90-pa9/tools/decrypt.c:132:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(in); y = fgetc(in); depth = fgetc(in);
data/omega-rpg-0.90-pa9/tools/decrypt.c:132:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(in); y = fgetc(in); depth = fgetc(in);
data/omega-rpg-0.90-pa9/tools/decrypt.c:132:43: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = fgetc(in); y = fgetc(in); depth = fgetc(in);
data/omega-rpg-0.90-pa9/util.c:289:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/omega-rpg-0.90-pa9/util.c:347:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/omega-rpg-0.90-pa9/util.c:872:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prefix) > strlen(s)) return(FALSE);
data/omega-rpg-0.90-pa9/util.c:872:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prefix) > strlen(s)) return(FALSE);
data/omega-rpg-0.90-pa9/util.c:874:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (matched && (i<strlen(prefix))) {
data/omega-rpg-0.90-pa9/util.c:889:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=0;((i<strlen(s)) && (! found));i++)
data/omega-rpg-0.90-pa9/util.c:1034:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s=checkmalloc((unsigned)(strlen(str)+1));
data/omega-rpg-0.90-pa9/util.c:1049:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte=fgetc(fd);
data/omega-rpg-0.90-pa9/util.c:1054:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
byte=fgetc(fd);
data/omega-rpg-0.90-pa9/util.c:1159:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
void usleep(int usecs)
ANALYSIS SUMMARY:
Hits = 1183
Lines analyzed = 45253 in approximately 1.32 seconds (34159 lines/second)
Physical Source Lines of Code (SLOC) = 38514
Hits@level = [0] 248 [1] 136 [2] 699 [3] 5 [4] 340 [5] 3
Hits@level+ = [0+] 1431 [1+] 1183 [2+] 1047 [3+] 348 [4+] 343 [5+] 3
Hits/KSLOC@level+ = [0+] 37.1553 [1+] 30.7161 [2+] 27.1849 [3+] 9.03568 [4+] 8.90585 [5+] 0.0778938
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.