Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openigtlink-1.11.0/Examples/ImageMeta/ImageMetaServer.cxx
Examining data/openigtlink-1.11.0/Examples/ImageMeta/ImageMetaClient.cxx
Examining data/openigtlink-1.11.0/Examples/ImageMeta/LabelMetaClient.cxx
Examining data/openigtlink-1.11.0/Examples/ImageMeta/LabelMetaServer.cxx
Examining data/openigtlink-1.11.0/Examples/Imager/ImagerServer.cxx
Examining data/openigtlink-1.11.0/Examples/Imager/ImagerClient2.cxx
Examining data/openigtlink-1.11.0/Examples/Imager/ImagerClient.cxx
Examining data/openigtlink-1.11.0/Examples/Capability/CapabilityClient.cxx
Examining data/openigtlink-1.11.0/Examples/Capability/CapabilityServer.cxx
Examining data/openigtlink-1.11.0/Examples/Tracker/TrackerClient3.cxx
Examining data/openigtlink-1.11.0/Examples/Tracker/TrackerClient2.cxx
Examining data/openigtlink-1.11.0/Examples/Tracker/TrackerServer2.cxx
Examining data/openigtlink-1.11.0/Examples/Tracker/TrackerClient.cxx
Examining data/openigtlink-1.11.0/Examples/Tracker/TrackerServer.cxx
Examining data/openigtlink-1.11.0/Examples/Bind/BindClient.cxx
Examining data/openigtlink-1.11.0/Examples/Bind/BindServer.cxx
Examining data/openigtlink-1.11.0/Examples/Point/PointClient.cxx
Examining data/openigtlink-1.11.0/Examples/Point/PointServer.cxx
Examining data/openigtlink-1.11.0/Examples/Point/PointListServer.cxx
Examining data/openigtlink-1.11.0/Examples/PolyData/PolyDataServer.cxx
Examining data/openigtlink-1.11.0/Examples/PolyData/PolyDataClient.cxx
Examining data/openigtlink-1.11.0/Examples/String/StringEchoServer.cxx
Examining data/openigtlink-1.11.0/Examples/String/StringServer.cxx
Examining data/openigtlink-1.11.0/Examples/String/StringClient.cxx
Examining data/openigtlink-1.11.0/Examples/ImageDatabaseServer/ImageDatabaseServer.cxx
Examining data/openigtlink-1.11.0/Examples/SessionManager/SessionManagerServer.cxx
Examining data/openigtlink-1.11.0/Examples/QuaternionTrackingData/QuaternionTrackingDataClient.cxx
Examining data/openigtlink-1.11.0/Examples/QuaternionTrackingData/QuaternionTrackingDataServer.cxx
Examining data/openigtlink-1.11.0/Examples/Trajectory/TrajectoryClient.cxx
Examining data/openigtlink-1.11.0/Examples/Trajectory/TrajectoryServer.cxx
Examining data/openigtlink-1.11.0/Examples/Thread/MultipleMethodExecute.cxx
Examining data/openigtlink-1.11.0/Examples/Thread/SpawnThread.cxx
Examining data/openigtlink-1.11.0/Examples/Thread/SingleMethodExecute.cxx
Examining data/openigtlink-1.11.0/Examples/TrackingData/TrackingDataClient.cxx
Examining data/openigtlink-1.11.0/Examples/TrackingData/TrackingDataServer.cxx
Examining data/openigtlink-1.11.0/Examples/Status/StatusClient.cxx
Examining data/openigtlink-1.11.0/Examples/Status/StatusServer.cxx
Examining data/openigtlink-1.11.0/Examples/Receiver/ReceiveServer.cxx
Examining data/openigtlink-1.11.0/Examples/Receiver/ReceiveClient.cxx
Examining data/openigtlink-1.11.0/Source/igtlSimpleFastMutexLock.cxx
Examining data/openigtlink-1.11.0/Source/igtlColorTableMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlServerSocket.h
Examining data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.h
Examining data/openigtlink-1.11.0/Source/igtlMultiThreader.cxx
Examining data/openigtlink-1.11.0/Source/igtlCapabilityMessage.h
Examining data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.h
Examining data/openigtlink-1.11.0/Source/igtlImageMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlUnit.h
Examining data/openigtlink-1.11.0/Source/igtlMath.h
Examining data/openigtlink-1.11.0/Source/igtlOSUtil.cxx
Examining data/openigtlink-1.11.0/Source/igtlSocket.h
Examining data/openigtlink-1.11.0/Source/igtlMessageHeader.h
Examining data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx
Examining data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlSimpleFastMutexLock.h
Examining data/openigtlink-1.11.0/Source/igtlSessionManager.cxx
Examining data/openigtlink-1.11.0/Source/igtlMutexLock.cxx
Examining data/openigtlink-1.11.0/Source/igtlStringMessage.h
Examining data/openigtlink-1.11.0/Source/igtlObject.cxx
Examining data/openigtlink-1.11.0/Source/igtlTransformMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlTypes.h
Examining data/openigtlink-1.11.0/Source/igtlSmartPointer.h
Examining data/openigtlink-1.11.0/Source/igtlStringMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlConditionVariable.h
Examining data/openigtlink-1.11.0/Source/igtlMessageBase.cxx
Examining data/openigtlink-1.11.0/Source/igtlMessageBase.h
Examining data/openigtlink-1.11.0/Source/igtlObjectFactoryBase.h
Examining data/openigtlink-1.11.0/Source/igtlServerSocket.cxx
Examining data/openigtlink-1.11.0/Source/igtlMessageHandlerMacro.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_qtdata.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_image.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_trajectory.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_colortable.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_status.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_capability.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_qtdata.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_sensor.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_header.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_position.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_capability.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_string.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_lbmeta.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_colortable.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_status.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_unit.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_header.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_trajectory.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_string.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_util.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_lbmeta.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_tdata.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_unit.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_sensor.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_types.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_image.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_transform.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_transform.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_tdata.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_win32header.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_point.c
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_util.h
Examining data/openigtlink-1.11.0/Source/igtlutil/igtl_point.h
Examining data/openigtlink-1.11.0/Source/igtlTimeStamp.h
Examining data/openigtlink-1.11.0/Source/igtlMultiThreader.h
Examining data/openigtlink-1.11.0/Source/igtlMutexLock.h
Examining data/openigtlink-1.11.0/Source/igtlBindMessage.h
Examining data/openigtlink-1.11.0/Source/igtlMessageHandler.h
Examining data/openigtlink-1.11.0/Source/igtlTransformMessage.h
Examining data/openigtlink-1.11.0/Source/igtlCreateObjectFunction.h
Examining data/openigtlink-1.11.0/Source/igtlImageMessage2.h
Examining data/openigtlink-1.11.0/Source/igtlSensorMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlClientSocket.h
Examining data/openigtlink-1.11.0/Source/igtlBindMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlColorTableMessage.h
Examining data/openigtlink-1.11.0/Source/igtlPointMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlObjectFactory.h
Examining data/openigtlink-1.11.0/Source/igtlSensorMessage.h
Examining data/openigtlink-1.11.0/Source/igtlPolyDataMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlStatusMessage.h
Examining data/openigtlink-1.11.0/Source/igtlPositionMessage.h
Examining data/openigtlink-1.11.0/Source/igtlMessageFactory.cxx
Examining data/openigtlink-1.11.0/Source/igtlFastMutexLock.cxx
Examining data/openigtlink-1.11.0/Source/igtlObjectFactoryBase.cxx
Examining data/openigtlink-1.11.0/Source/igtlTimeStamp.cxx
Examining data/openigtlink-1.11.0/Source/igtlLightObject.h
Examining data/openigtlink-1.11.0/Source/igtlImageMetaMessage.h
Examining data/openigtlink-1.11.0/Source/igtlLightObject.cxx
Examining data/openigtlink-1.11.0/Source/igtlMessageFactory.h
Examining data/openigtlink-1.11.0/Source/igtlImageMessage.h
Examining data/openigtlink-1.11.0/Source/igtlObject.h
Examining data/openigtlink-1.11.0/Source/igtlClientSocket.cxx
Examining data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx
Examining data/openigtlink-1.11.0/Source/igtlPolyDataMessage.h
Examining data/openigtlink-1.11.0/Source/igtlFastMutexLock.h
Examining data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.h
Examining data/openigtlink-1.11.0/Source/igtlStatusMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlSocket.cxx
Examining data/openigtlink-1.11.0/Source/igtlWindows.h
Examining data/openigtlink-1.11.0/Source/igtlMath.cxx
Examining data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.h
Examining data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlNDArrayMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlPointMessage.h
Examining data/openigtlink-1.11.0/Source/igtlPositionMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlUnit.cxx
Examining data/openigtlink-1.11.0/Source/igtlOSUtil.h
Examining data/openigtlink-1.11.0/Source/igtlWin32Header.h
Examining data/openigtlink-1.11.0/Source/igtlMacro.h
Examining data/openigtlink-1.11.0/Source/igtlCapabilityMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlSessionManager.h
Examining data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx
Examining data/openigtlink-1.11.0/Source/igtlNDArrayMessage.h
Examining data/openigtlink-1.11.0/Testing/igtlMultiThreaderTest2.cxx
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_ndarray_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_trajectory.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_point.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_imgmeta.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_lbmeta.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_transform_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_string.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_ndarray.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_colortable.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_polydata.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_util_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_header_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_sensor.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_image_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_bind.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_capability.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_status.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_tdata.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_position_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_polydata_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_image.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_colortable_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_string_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_transform.h
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_sensor_test.c
Examining data/openigtlink-1.11.0/Testing/igtlutil/igtl_test_data_position.h
Examining data/openigtlink-1.11.0/Testing/igtlMultiThreaderTest1.cxx
Examining data/openigtlink-1.11.0/Testing/igtlMessageFactoryTest.cxx
Examining data/openigtlink-1.11.0/Testing/igtlTimeStampTest1.cxx
Examining data/openigtlink-1.11.0/Testing/igtlSocketTest.cxx
Examining data/openigtlink-1.11.0/Testing/igtlMultiThreaderTest3.cxx
Examining data/openigtlink-1.11.0/CMake/igtlTestSocklenT.cxx
FINAL RESULTS:
data/openigtlink-1.11.0/Examples/ImageDatabaseServer/ImageDatabaseServer.cxx:362:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/igtlTestImage%d.raw", dir, i+1);
data/openigtlink-1.11.0/Examples/Imager/ImagerClient.cxx:129:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/igtlTestImage%d.raw", dir, i+1);
data/openigtlink-1.11.0/Examples/Imager/ImagerClient2.cxx:139:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/igtlTestImage%d.raw", dir, i+1);
data/openigtlink-1.11.0/Examples/Imager/ImagerServer.cxx:142:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/igtlTestImage%d.raw", dir, i+1);
data/openigtlink-1.11.0/Source/igtlPolyDataMessage.cxx:531:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(attr->name, src->GetName());
data/openigtlink-1.11.0/Source/igtlStatusMessage.cxx:112:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->m_StatusMessage, this->m_StatusMessageString.c_str());
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:401:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->attributes[i].name, ptr);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:598:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr, info->attributes[i].name);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(message.err_msg, STR_ERROR_MESSAGE);
data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx:48:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection( &m_NumberOfWaitersLock );
data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx:78:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &m_NumberOfWaitersLock );
data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx:99:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &m_NumberOfWaitersLock );
data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx:140:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &m_NumberOfWaitersLock );
data/openigtlink-1.11.0/Source/igtlConditionVariable.cxx:149:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &m_NumberOfWaitersLock );
data/openigtlink-1.11.0/Source/igtlSimpleFastMutexLock.cxx:47:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&m_FastMutexLock);
data/openigtlink-1.11.0/Source/igtlSimpleFastMutexLock.cxx:82:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&m_FastMutexLock);
data/openigtlink-1.11.0/Examples/Bind/BindClient.cxx:28:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * testString[N_STRINGS] = {
data/openigtlink-1.11.0/Examples/Bind/BindClient.cxx:54:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Bind/BindServer.cxx:41:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Capability/CapabilityClient.cxx:49:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Capability/CapabilityServer.cxx:38:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/ImageDatabaseServer/ImageDatabaseServer.cxx:52:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/ImageDatabaseServer/ImageDatabaseServer.cxx:361:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/openigtlink-1.11.0/Examples/ImageDatabaseServer/ImageDatabaseServer.cxx:367:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/openigtlink-1.11.0/Examples/ImageMeta/ImageMetaClient.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/ImageMeta/ImageMetaServer.cxx:46:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/ImageMeta/LabelMetaClient.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/ImageMeta/LabelMetaServer.cxx:46:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Imager/ImagerClient.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Imager/ImagerClient.cxx:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/openigtlink-1.11.0/Examples/Imager/ImagerClient.cxx:134:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/openigtlink-1.11.0/Examples/Imager/ImagerClient2.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Imager/ImagerClient2.cxx:138:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/openigtlink-1.11.0/Examples/Imager/ImagerClient2.cxx:144:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/openigtlink-1.11.0/Examples/Imager/ImagerServer.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Imager/ImagerServer.cxx:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/openigtlink-1.11.0/Examples/Imager/ImagerServer.cxx:147:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/openigtlink-1.11.0/Examples/Point/PointClient.cxx:41:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Point/PointListServer.cxx:63:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Point/PointServer.cxx:38:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/PolyData/PolyDataClient.cxx:47:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/PolyData/PolyDataServer.cxx:46:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/QuaternionTrackingData/QuaternionTrackingDataClient.cxx:45:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/QuaternionTrackingData/QuaternionTrackingDataServer.cxx:58:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Receiver/ReceiveClient.cxx:68:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Receiver/ReceiveServer.cxx:66:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/SessionManager/SessionManagerServer.cxx:146:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Status/StatusClient.cxx:45:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Status/StatusServer.cxx:38:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/String/StringClient.cxx:27:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * testString[N_STRINGS] = {
data/openigtlink-1.11.0/Examples/String/StringClient.cxx:51:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/String/StringEchoServer.cxx:39:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/String/StringServer.cxx:27:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * testString[N_STRINGS] = {
data/openigtlink-1.11.0/Examples/String/StringServer.cxx:49:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Tracker/TrackerClient.cxx:43:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Tracker/TrackerClient2.cxx:44:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Tracker/TrackerClient3.cxx:46:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Tracker/TrackerServer.cxx:41:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Tracker/TrackerServer2.cxx:41:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/TrackingData/TrackingDataClient.cxx:45:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/TrackingData/TrackingDataServer.cxx:58:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Examples/Trajectory/TrajectoryClient.cxx:38:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[2]);
data/openigtlink-1.11.0/Examples/Trajectory/TrajectoryServer.cxx:35:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:147:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(child->GetPackBodyPointer(),
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:221:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)ptr, bind_info.child_info_array[i].ptr, bind_info.child_info_array[i].size);
data/openigtlink-1.11.0/Source/igtlCapabilityMessage.cxx:127:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info.typenames[i], this->m_TypeNames[i].c_str(), IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:446:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, this->m_Header, IGTL_HEADER_SIZE);
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:448:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, this->m_ImageHeader, IGTL_IMAGE_HEADER_SIZE);
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:450:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, this->m_Image, vs);
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:698:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->m_Body, old, bodySize);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:293:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:154:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bodyType[13];
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:155:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deviceName[21];
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:274:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_Header, old, IGTL_HEADER_SIZE);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:287:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_Header, mb->m_Header, IGTL_HEADER_SIZE);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:308:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_Body, mb->m_Body, s);
data/openigtlink-1.11.0/Source/igtlNDArrayMessage.cxx:80:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->m_ByteArray, array, GetRawArraySize());
data/openigtlink-1.11.0/Source/igtlNDArrayMessage.cxx:231:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info.array, this->m_Array->GetRawArray(), this->m_Array->GetRawArraySize());
data/openigtlink-1.11.0/Source/igtlNDArrayMessage.cxx:288:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->m_Array->GetRawArray(), info.array, this->m_Array->GetRawArraySize());
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:264:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:214:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[IGTL_STT_QTDATA_LEN_COORDNAME+1];
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:358:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlSocket.cxx:258:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&name.sin_addr, hp->h_addr, hp->h_length);
data/openigtlink-1.11.0/Source/igtlSocket.cxx:626:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dummy[256];
data/openigtlink-1.11.0/Source/igtlStatusMessage.h:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_ErrorName[20];
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[IGTL_STT_TDATA_LEN_COORDNAME+1];
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:357:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:323:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[128];
data/openigtlink-1.11.0/Source/igtlTransformMessage.cxx:206:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)this->m_Transform, (void*)transform, sizeof(igtl_float32)*12);
data/openigtlink-1.11.0/Source/igtlTransformMessage.cxx:217:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)transform, (void*)this->m_Transform, sizeof(igtl_float32)*12);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:133:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp64, ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:138:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(info->child_info_array[i].size), ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:316:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(info->resol), ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:321:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(info->resol), ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &tmp16, sizeof(igtl_uint16));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:377:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &(info->ncmessages), sizeof(igtl_uint16));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:400:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &tmp64, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:404:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &(info->child_info_array[i].size), sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:481:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &tmp16, sizeof(igtl_uint16));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &(info->ncmessages), sizeof(igtl_uint16));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:554:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp64, ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:559:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(info->resol), ptr, sizeof(igtl_uint64));
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.h:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[IGTL_HEADER_TYPE_SIZE+1]; /* Data type (OpenIGTLink Device Type string) */
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.h:33:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_HEADER_NAME_SIZE+1]; /* Device name */
data/openigtlink-1.11.0/Source/igtlutil/igtl_header.h:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_HEADER_TYPE_SIZE]; /* data type name */
data/openigtlink-1.11.0/Source/igtlutil/igtl_header.h:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[IGTL_HEADER_NAME_SIZE]; /* device name */
data/openigtlink-1.11.0/Source/igtlutil/igtl_image.c:190:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, header->matrix, sizeof(igtl_uint32)*12);
data/openigtlink-1.11.0/Source/igtlutil/igtl_image.c:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->matrix, tmp, sizeof(igtl_uint32)*12);
data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h:56:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_IMGMETA_LEN_NAME]; /* name / description */
data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[IGTL_IMGMETA_LEN_DEVICE_NAME]; /* device name to query the IMAGE and COLORT */
data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modality[IGTL_IMGMETA_LEN_MODALITY]; /* modality name */
data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patient_name[IGTL_IMGMETA_LEN_PATIENT_NAME]; /* patient name */
data/openigtlink-1.11.0/Source/igtlutil/igtl_imgmeta.h:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patient_id[IGTL_IMGMETA_LEN_PATIENT_ID]; /* patient ID (MRN etc.) */
data/openigtlink-1.11.0/Source/igtlutil/igtl_lbmeta.h:80:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_LBMETA_LEN_NAME]; /* name / description */
data/openigtlink-1.11.0/Source/igtlutil/igtl_lbmeta.h:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[IGTL_LBMETA_LEN_DEVICE_NAME]; /* device name to query the IMAGE */
data/openigtlink-1.11.0/Source/igtlutil/igtl_lbmeta.h:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner[IGTL_LBMETA_LEN_OWNER];/* Device name of the owner image. (can be empty) */
data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.c:169:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->size, size, sizeof(igtl_uint16) * dim);
data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.c:194:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->array, ptr, (size_t)(len * igtl_ndarray_get_nbyte(info->type)));
data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.c:288:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, info->size, sizeof(igtl_uint16) * info->dim);
data/openigtlink-1.11.0/Source/igtlutil/igtl_ndarray.c:307:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, info->array, (size_t) (len * igtl_ndarray_get_nbyte(info->type)));
data/openigtlink-1.11.0/Source/igtlutil/igtl_point.h:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_POINT_LEN_NAME]; /* Name or description of the point */
data/openigtlink-1.11.0/Source/igtlutil/igtl_point.h:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_name[IGTL_POINT_LEN_GROUP_NAME]; /* Can be "Labeled Point", "Landmark", Fiducial", ... */
data/openigtlink-1.11.0/Source/igtlutil/igtl_point.h:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner[IGTL_POINT_LEN_OWNER];/* Device name of the ower image */
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:253:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)dst, (void*)src, size);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:289:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[IGTL_POLY_MAX_ATTR_NAME_LEN+1];
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:316:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(info->header), header, sizeof(igtl_polydata_header));
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:331:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->points, ptr, sizeof(igtl_float32)*info->header.npoints*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:501:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, &(info->header), sizeof(igtl_polydata_header));
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:508:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)ptr, (void*)info->points, sizeof(igtl_float32)*info->header.npoints*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:647:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, info->attributes[i].data, size);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:30:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->position), sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:34:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->position), (void*)tmp, sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:37:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->quaternion), sizeof(igtl_float32)*4);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:42:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->quaternion), (void*)tmp, sizeof(igtl_float32)*4);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:54:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->position), sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:58:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->position), (void*)tmp, sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:70:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->position), sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:74:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->position), (void*)tmp, sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:77:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->quaternion), sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_position.c:81:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->quaternion), (void*)tmp, sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtdata.h:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_QTDATA_LEN_NAME]; /* Name of instrument / tracker */
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtdata.h:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coord_name[IGTL_STT_QTDATA_LEN_COORDNAME]; /* Name of the coordinate system */
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.c:30:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->qtrans), sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.c:34:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->qtrans), (void*)tmp, sizeof(igtl_float32)*3);
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.c:37:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)tmp, (void*)(pos->quaternion), sizeof(igtl_float32)*4);
data/openigtlink-1.11.0/Source/igtlutil/igtl_qtrans.c:42:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)(pos->quaternion), (void*)tmp, sizeof(igtl_float32)*4);
data/openigtlink-1.11.0/Source/igtlutil/igtl_status.h:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_name[IGTL_STATUS_ERROR_NAME_LENGTH];
data/openigtlink-1.11.0/Source/igtlutil/igtl_tdata.h:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_TDATA_LEN_NAME]; /* Name of instrument / tracker */
data/openigtlink-1.11.0/Source/igtlutil/igtl_tdata.h:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coord_name[IGTL_STT_TDATA_LEN_COORDNAME]; /* Name of the coordinate system */
data/openigtlink-1.11.0/Source/igtlutil/igtl_trajectory.h:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IGTL_TRAJECTORY_LEN_NAME]; /* Name or description of the trajectory */
data/openigtlink-1.11.0/Source/igtlutil/igtl_trajectory.h:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_name[IGTL_TRAJECTORY_LEN_GROUP_NAME]; /* Can be "Trajectory", ... */
data/openigtlink-1.11.0/Source/igtlutil/igtl_trajectory.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner_name[IGTL_TRAJECTORY_LEN_OWNER]; /* Device name of the ower image */
data/openigtlink-1.11.0/Source/igtlutil/igtl_transform.c:28:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, transform, sizeof(igtl_uint32)*12);
data/openigtlink-1.11.0/Source/igtlutil/igtl_transform.c:32:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(transform, tmp, sizeof(igtl_uint32)*12);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:123:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)body->image, (void*)test_image, TEST_IMAGE_MESSAGE_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:35:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char body[IGTL_HEADER_TYPE_SIZE*4];
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:57:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)info.typenames[0], "IMAGE");
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:58:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)info.typenames[1], "GET_IMAGE");
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:59:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)info.typenames[2], "TRANSFORM");
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:60:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)info.typenames[3], "GET_TRANS");
data/openigtlink-1.11.0/Testing/igtlutil/igtl_image_test.c:83:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)message.image, (void*)test_image, TEST_IMAGE_MESSAGE_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_polydata_test.c:115:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(info.attributes[0].name, "attr");
data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[sizeof(STR_ERROR_MESSAGE)];
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:130:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( header->name, this->m_ChildMessages[i].type.c_str(), IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:131:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( header->device_name, this->m_ChildMessages[i].name.c_str(), IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:206:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].type, (*iter).type.c_str(), IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:207:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].name, (*iter).name.c_str(), IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:289:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type) < IGTL_HEADER_TYPE_SIZE &&
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:290:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(name) < IGTL_HEADER_NAME_SIZE)
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:336:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].type, (*iter).type.c_str(), IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:337:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].name, (*iter).name.c_str(), IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:446:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].type, (*iter).type.c_str(), IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlBindMessage.cxx:447:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bind_info.child_info_array[i].name, (*iter).name.c_str(), IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlCapabilityMessage.cxx:78:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (id < (int)this->m_TypeNames.size() && strlen(type) < IGTL_HEADER_TYPE_SIZE)
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:533:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h->name, m_DefaultBodyType.c_str(), 12);
data/openigtlink-1.11.0/Source/igtlImageMessage2.cxx:536:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h->device_name, m_DeviceName.c_str(), 20);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:50:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_IMGMETA_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:64:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(devname) <= IGTL_IMGMETA_LEN_DEVICE_NAME)
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:78:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(modality) <= IGTL_IMGMETA_LEN_MODALITY)
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:92:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(patname) <= IGTL_IMGMETA_LEN_PATIENT_NAME)
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:106:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(patid) <= IGTL_IMGMETA_LEN_PATIENT_ID)
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:252:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_IMGMETA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:253:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->device_name, (*iter)->GetDeviceName(), IGTL_IMGMETA_LEN_DEVICE_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:254:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->modality, (*iter)->GetModality(), IGTL_IMGMETA_LEN_MODALITY);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:255:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->patient_name, (*iter)->GetPatientName(), IGTL_IMGMETA_LEN_PATIENT_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:256:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->patient_id, (*iter)->GetPatientID(), IGTL_IMGMETA_LEN_PATIENT_ID);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:301:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_IMGMETA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:305:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->device_name, IGTL_IMGMETA_LEN_DEVICE_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:309:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->modality, IGTL_IMGMETA_LEN_MODALITY);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:313:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->patient_name, IGTL_IMGMETA_LEN_PATIENT_NAME);
data/openigtlink-1.11.0/Source/igtlImageMetaMessage.cxx:317:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->patient_id, IGTL_IMGMETA_LEN_PATIENT_ID);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:57:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_LBMETA_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:71:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(devname) <= IGTL_LBMETA_LEN_DEVICE_NAME)
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:154:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(owner) <= IGTL_LBMETA_LEN_OWNER)
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:229:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_LBMETA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:230:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->device_name, (*iter)->GetDeviceName(), IGTL_LBMETA_LEN_DEVICE_NAME);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:247:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->owner, (*iter)->GetOwner(), IGTL_LBMETA_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:276:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_LBMETA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:280:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->device_name, IGTL_LBMETA_LEN_DEVICE_NAME);
data/openigtlink-1.11.0/Source/igtlLabelMetaMessage.cxx:288:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->owner, IGTL_LBMETA_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:123:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h->name, m_DefaultBodyType.c_str(), 12);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:126:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h->device_name, m_DeviceName.c_str(), 20);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:159:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bodyType, h->name, 12);
data/openigtlink-1.11.0/Source/igtlMessageBase.cxx:160:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(deviceName, h->device_name, 20);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:55:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_POINT_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:69:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(grpname) <= IGTL_POINT_LEN_GROUP_NAME)
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:150:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(owner) <= IGTL_POINT_LEN_OWNER)
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:225:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_POINT_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:226:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->group_name, (*iter)->GetGroupName(), IGTL_POINT_LEN_GROUP_NAME);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:243:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->owner, (*iter)->GetOwner(), IGTL_POINT_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:272:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_POINT_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:276:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->group_name, IGTL_POINT_LEN_GROUP_NAME);
data/openigtlink-1.11.0/Source/igtlPointMessage.cxx:284:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->owner, IGTL_POINT_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlPolyDataMessage.cxx:528:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
attr->name = (char *) malloc(strlen(src->GetName())+1);
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:56:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_QTDATA_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:172:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_STT_QTDATA_LEN_COORDNAME)
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:197:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stt_qtdata->coord_name, this->m_CoordinateName.c_str(), IGTL_STT_QTDATA_LEN_COORDNAME);
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:216:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, stt_qtdata->coord_name, IGTL_STT_QTDATA_LEN_COORDNAME);
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:322:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_QTDATA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlQuaternionTrackingDataMessage.cxx:366:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_QTDATA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlStatusMessage.cxx:74:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->m_ErrorName, name, IGTL_STATUS_ERROR_NAME_LENGTH);
data/openigtlink-1.11.0/Source/igtlStatusMessage.cxx:111:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(status_header->error_name, this->m_ErrorName, IGTL_STATUS_ERROR_NAME_LENGTH);
data/openigtlink-1.11.0/Source/igtlStatusMessage.cxx:130:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(this->m_ErrorName, status_header->error_name, IGTL_STATUS_ERROR_NAME_LENGTH);
data/openigtlink-1.11.0/Source/igtlStringMessage.cxx:42:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) > 0xFFFF) /* If the length is beyond the range of unsigned short */
data/openigtlink-1.11.0/Source/igtlStringMessage.cxx:103:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(string, this->m_String.c_str(), string_header->length);
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:48:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_TDATA_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:176:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_STT_TDATA_LEN_COORDNAME)
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:201:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stt_tdata->coord_name, this->m_CoordinateName.c_str(), IGTL_STT_TDATA_LEN_COORDNAME);
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:220:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, stt_tdata->coord_name, IGTL_STT_TDATA_LEN_COORDNAME);
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:326:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_TDATA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlTrackingDataMessage.cxx:365:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_TDATA_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:59:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) <= IGTL_TRAJECTORY_LEN_NAME)
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:73:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(grpname) <= IGTL_TRAJECTORY_LEN_GROUP_NAME)
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:203:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(owner) <= IGTL_TRAJECTORY_LEN_OWNER)
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:277:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->name, (*iter)->GetName(), IGTL_TRAJECTORY_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:278:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->group_name, (*iter)->GetGroupName(), IGTL_TRAJECTORY_LEN_GROUP_NAME);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:302:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)element->owner_name, (*iter)->GetOwner(), IGTL_TRAJECTORY_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:331:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->name, IGTL_TRAJECTORY_LEN_NAME);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:335:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->group_name, IGTL_TRAJECTORY_LEN_GROUP_NAME);
data/openigtlink-1.11.0/Source/igtlTrajectoryMessage.cxx:346:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(strbuf, (char*)element->owner_name, IGTL_TRAJECTORY_LEN_OWNER);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:126:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->child_info_array[i].type, (char*)ptr, IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:171:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->child_info_array[i].name, ptr, IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:173:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(info->child_info_array[i].name);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:247:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->child_info_array[i].type, (char*)ptr, IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:279:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->child_info_array[i].name, ptr, IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:281:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(info->child_info_array[i].name);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:387:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)ptr, info->child_info_array[i].type, IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:417:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(info->child_info_array[i].name);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:423:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, info->child_info_array[i].name, len+1);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:495:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)ptr, info->child_info_array[i].type, IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:506:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(info->child_info_array[i].name);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:512:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, info->child_info_array[i].name, len+1);
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:609:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ntable_size += strlen(info->child_info_array[i].name) + 1;
data/openigtlink-1.11.0/Source/igtlutil/igtl_bind.c:647:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ntable_size += strlen(info->child_info_array[i].name) + 1;
data/openigtlink-1.11.0/Source/igtlutil/igtl_capability.c:131:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)info->typenames[i], (char*)ptr, IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_capability.c:160:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)ptr, (char*)info->typenames[i], IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:397:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_length = strlen(ptr);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:593:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_length = strlen(info->attributes[i].name);
data/openigtlink-1.11.0/Source/igtlutil/igtl_polydata.c:681:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(info->attributes[i].name);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:202:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[0].type, "TRANSFORM", IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:203:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[0].name, "ChildTrans", IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:207:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[1].type, "IMAGE", IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:208:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[1].name, "ChildImage", IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:212:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[2].type, "SENSOR", IGTL_HEADER_TYPE_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:213:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bind_info.child_info_array[2].name, "ChildSensor", IGTL_HEADER_NAME_SIZE);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:238:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.name), "BIND", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_bind_test.c:239:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:66:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "CAPABILITY", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_capability_test.c:67:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_colortable_test.c:74:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "COLORTABLE", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_colortable_test.c:75:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_header_test.c:52:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( header.name, "TYPENAME", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_header_test.c:53:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( header.device_name, "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_image_test.c:93:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "IMAGE", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_image_test.c:94:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:55:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].name), "IMAGE_DESCRIPTION_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:56:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].device_name), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].modality), "CT", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:58:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].patient_name), "PATIENT_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:59:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].patient_id), "PATIENT_ID_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:68:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].name), "IMAGE_DESCRIPTION_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].device_name), "IMAGE_1", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].modality), "MRI", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:71:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].patient_name), "PATIENT_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:72:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].patient_id), "PATIENT_ID_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:81:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].name), "IMAGE_DESCRIPTION_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:82:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].device_name), "IMAGE_2", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:83:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].modality), "PET", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:84:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].patient_name), "PATIENT_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:85:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].patient_id), "PATIENT_ID_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:98:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "IMGMETA", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_imgmeta_test.c:99:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:55:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].name), "LABEL_DESCRIPTION_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:56:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].device_name), "LABEL_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:66:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[0].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].name), "LABEL_DESCRIPTION_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].device_name), "LABEL_1", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:80:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[1].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:83:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].name), "LABEL_DESCRIPTION_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:84:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].device_name), "LABEL_2", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:94:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.metalist[2].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:101:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "LBMETA", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_lbmeta_test.c:102:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_ndarray_test.c:93:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.name), "NDARRAY", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_ndarray_test.c:94:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:56:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[0].name), "POINT_DESCRIPTION_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[0].group_name), "Landmark", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:66:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[0].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[1].name), "POINT_DESCRIPTION_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[1].group_name), "Landmark", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:79:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[1].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:82:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[2].name), "POINT_DESCRIPTION_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:83:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[2].group_name), "Landmark", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:92:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.pointlist[2].owner), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:99:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "POINT", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_point_test.c:100:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_polydata_test.c:138:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.name), "POLYDATA", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_polydata_test.c:139:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_position_test.c:67:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "POSITION", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_position_test.c:68:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_sensor_test.c:84:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "SENSOR", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_sensor_test.c:85:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c:65:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message.status.error_name, STR_ERROR_NAME, 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c:71:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "STATUS", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_status_test.c:72:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_string_test.c:63:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)message.string, IGTL_STRING_TEST_STRING, IGTL_STRING_TEST_STRING_LEN);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_string_test.c:68:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "STRING", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_string_test.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c:55:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[0].name), "Tracker0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c:72:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[1].name), "Tracker1", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c:89:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[2].name), "Tracker2", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c:111:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "TDATA", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_tdata_test.c:112:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:55:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[0].name), "TRAJECTORY_DESCRIPTION_0", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:56:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[0].group_name), "TRAJECTORY", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[0].owner_name), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:73:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[1].name), "TRAJECTORY_DESCRIPTION_1", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:74:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[1].group_name), "TRAJECTORY", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:88:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[1].owner_name), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:91:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[2].name), "TRAJECTORY_DESCRIPTION_2", 64);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:92:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[2].group_name), "TRAJECTORY", 32);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:106:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy((char*)&(message.tlist[2].owner_name), "IMAGE_0", 20);
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:113:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "TRAJ", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_trajectory_test.c:114:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_transform_test.c:64:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.name), "TRANSFORM", 12 );
data/openigtlink-1.11.0/Testing/igtlutil/igtl_transform_test.c:65:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( (char*)&(message.header.device_name), "DeviceName", 20 );
ANALYSIS SUMMARY:
Hits = 347
Lines analyzed = 36737 in approximately 0.96 seconds (38102 lines/second)
Physical Source Lines of Code (SLOC) = 21428
Hits@level = [0] 39 [1] 183 [2] 148 [3] 7 [4] 9 [5] 0
Hits@level+ = [0+] 386 [1+] 347 [2+] 164 [3+] 16 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 18.0138 [1+] 16.1938 [2+] 7.65354 [3+] 0.746687 [4+] 0.420011 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.