Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/orage-4.12.1/globaltime/gt_prefs.c
Examining data/orage-4.12.1/globaltime/globaltime.h
Examining data/orage-4.12.1/globaltime/timezone_selection.h
Examining data/orage-4.12.1/globaltime/globaltime.c
Examining data/orage-4.12.1/globaltime/gt_parfile.c
Examining data/orage-4.12.1/globaltime/timezone_selection.c
Examining data/orage-4.12.1/libical/src/libical/icaltimezone.h
Examining data/orage-4.12.1/libical/src/libical/icalvalue.h
Examining data/orage-4.12.1/libical/src/libical/icalduration.c
Examining data/orage-4.12.1/libical/src/libical/icalrecur.c
Examining data/orage-4.12.1/libical/src/libical/icalvalue.c
Examining data/orage-4.12.1/libical/src/libical/icallangbind.c
Examining data/orage-4.12.1/libical/src/libical/icaltime.c
Examining data/orage-4.12.1/libical/src/libical/icaltimezone.c
Examining data/orage-4.12.1/libical/src/libical/icalperiod.c
Examining data/orage-4.12.1/libical/src/libical/icalrecur.h
Examining data/orage-4.12.1/libical/src/libical/icalmemory.h
Examining data/orage-4.12.1/libical/src/libical/icalarray.c
Examining data/orage-4.12.1/libical/src/libical/icalperiod.h
Examining data/orage-4.12.1/libical/src/libical/icalproperty.c
Examining data/orage-4.12.1/libical/src/libical/icalattachimpl.h
Examining data/orage-4.12.1/libical/src/libical/icalmime.h
Examining data/orage-4.12.1/libical/src/libical/icalcomponent.h
Examining data/orage-4.12.1/libical/src/libical/astime.h
Examining data/orage-4.12.1/libical/src/libical/icaltypes.c
Examining data/orage-4.12.1/libical/src/libical/icalparameter.c
Examining data/orage-4.12.1/libical/src/libical/icalrestriction.h
Examining data/orage-4.12.1/libical/src/libical/icalparameter.h
Examining data/orage-4.12.1/libical/src/libical/icalvalueimpl.h
Examining data/orage-4.12.1/libical/src/libical/pvl.c
Examining data/orage-4.12.1/libical/src/libical/icallangbind.h
Examining data/orage-4.12.1/libical/src/libical/icalparser.c
Examining data/orage-4.12.1/libical/src/libical/icaltypes.h
Examining data/orage-4.12.1/libical/src/libical/icalmime.c
Examining data/orage-4.12.1/libical/src/libical/icalenums.h
Examining data/orage-4.12.1/libical/src/libical/icalmemory.c
Examining data/orage-4.12.1/libical/src/libical/vsnprintf.c
Examining data/orage-4.12.1/libical/src/libical/icalattach.c
Examining data/orage-4.12.1/libical/src/libical/icalerror.c
Examining data/orage-4.12.1/libical/src/libical/sspm.h
Examining data/orage-4.12.1/libical/src/libical/icalcomponent.c
Examining data/orage-4.12.1/libical/src/libical/sspm.c
Examining data/orage-4.12.1/libical/src/libical/pvl.h
Examining data/orage-4.12.1/libical/src/libical/icalparser.h
Examining data/orage-4.12.1/libical/src/libical/icalproperty.h
Examining data/orage-4.12.1/libical/src/libical/caldate.c
Examining data/orage-4.12.1/libical/src/libical/icalerror.h
Examining data/orage-4.12.1/libical/src/libical/icalarray.h
Examining data/orage-4.12.1/libical/src/libical/icaltime.h
Examining data/orage-4.12.1/libical/src/libical/icalduration.h
Examining data/orage-4.12.1/libical/src/libical/icalparameterimpl.h
Examining data/orage-4.12.1/libical/src/libical/icalattach.h
Examining data/orage-4.12.1/libical/src/libical/icalenums.c
Examining data/orage-4.12.1/libical/src/libicalss/icalss.h
Examining data/orage-4.12.1/libical/src/libicalss/icaldirset.h
Examining data/orage-4.12.1/libical/src/libicalss/icalclassify.h
Examining data/orage-4.12.1/libical/src/libicalss/icalspanlist.h
Examining data/orage-4.12.1/libical/src/libicalss/icalcluster.h
Examining data/orage-4.12.1/libical/src/libicalss/icalcalendar.c
Examining data/orage-4.12.1/libical/src/libicalss/icalfileset.c
Examining data/orage-4.12.1/libical/src/libicalss/icalssyacc.c
Examining data/orage-4.12.1/libical/src/libicalss/icalgauge.h
Examining data/orage-4.12.1/libical/src/libicalss/icalgaugeimpl.h
Examining data/orage-4.12.1/libical/src/libicalss/icalmessage.h
Examining data/orage-4.12.1/libical/src/libicalss/icaldirset.c
Examining data/orage-4.12.1/libical/src/libicalss/icalspanlist.c
Examining data/orage-4.12.1/libical/src/libicalss/icalcalendar.h
Examining data/orage-4.12.1/libical/src/libicalss/icalcluster.c
Examining data/orage-4.12.1/libical/src/libicalss/icalset.c
Examining data/orage-4.12.1/libical/src/libicalss/icalfilesetimpl.h
Examining data/orage-4.12.1/libical/src/libicalss/icalmessage.c
Examining data/orage-4.12.1/libical/src/libicalss/icalsslexer.c
Examining data/orage-4.12.1/libical/src/libicalss/icalgauge.c
Examining data/orage-4.12.1/libical/src/libicalss/icaldirsetimpl.h
Examining data/orage-4.12.1/libical/src/libicalss/icalset.h
Examining data/orage-4.12.1/libical/src/libicalss/icalclassify.c
Examining data/orage-4.12.1/libical/src/libicalss/icalclusterimpl.h
Examining data/orage-4.12.1/libical/src/libicalss/icalssyacc.h
Examining data/orage-4.12.1/libical/src/libicalss/icalfileset.h
Examining data/orage-4.12.1/tz_convert/tz_convert.c
Examining data/orage-4.12.1/src/timezone_names.c
Examining data/orage-4.12.1/src/ical-expimp.c
Examining data/orage-4.12.1/src/orage-i18n.h
Examining data/orage-4.12.1/src/appointment.h
Examining data/orage-4.12.1/src/event-list.c
Examining data/orage-4.12.1/src/main.c
Examining data/orage-4.12.1/src/orage-dbus-object.c
Examining data/orage-4.12.1/src/ical-internal.h
Examining data/orage-4.12.1/src/day-view.h
Examining data/orage-4.12.1/src/event-list.h
Examining data/orage-4.12.1/src/orage-dbus-client.c
Examining data/orage-4.12.1/src/reminder.c
Examining data/orage-4.12.1/src/ical-archive.c
Examining data/orage-4.12.1/src/mainbox.h
Examining data/orage-4.12.1/src/tray_icon.h
Examining data/orage-4.12.1/src/about-xfcalendar.c
Examining data/orage-4.12.1/src/parameters.c
Examining data/orage-4.12.1/src/timezone_selection.h
Examining data/orage-4.12.1/src/orage-dbus-service.h
Examining data/orage-4.12.1/src/interface.h
Examining data/orage-4.12.1/src/orage-dbus.h
Examining data/orage-4.12.1/src/reminder.h
Examining data/orage-4.12.1/src/orage-dbus-client.h
Examining data/orage-4.12.1/src/functions.h
Examining data/orage-4.12.1/src/parameters_internal.h
Examining data/orage-4.12.1/src/day-view.c
Examining data/orage-4.12.1/src/tz_zoneinfo_read.h
Examining data/orage-4.12.1/src/interface.c
Examining data/orage-4.12.1/src/tray_icon.c
Examining data/orage-4.12.1/src/about-xfcalendar.h
Examining data/orage-4.12.1/src/ical-code.h
Examining data/orage-4.12.1/src/timezone_selection.c
Examining data/orage-4.12.1/src/mainbox.c
Examining data/orage-4.12.1/src/orage-dbus-object.h
Examining data/orage-4.12.1/src/appointment.c
Examining data/orage-4.12.1/src/functions.c
Examining data/orage-4.12.1/src/ical-code.c
Examining data/orage-4.12.1/src/parameters.h
Examining data/orage-4.12.1/src/tz_zoneinfo_read.c
Examining data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c
Examining data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.h
Examining data/orage-4.12.1/panel-plugin/oc_config.c
Examining data/orage-4.12.1/panel-plugin/timezone_selection.h
Examining data/orage-4.12.1/panel-plugin/timezone_selection.c

FINAL RESULTS:

data/orage-4.12.1/globaltime/globaltime.c:277:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tmp, _("%s\nclick to modify clock"), clockp->tz->str);
data/orage-4.12.1/globaltime/gt_prefs.c:148:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(tmp, "<b>%s</b>", text);
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2255:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (new_tzid + tzid_len, suffix_buf);
data/orage-4.12.1/libical/src/libical/icalduration.c:44:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icalduration.c:44:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icallangbind.c:30:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icallangbind.c:30:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalmemory.c:232:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(b,str);
data/orage-4.12.1/libical/src/libical/icalmemory.c:327:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(*pos, string);
data/orage-4.12.1/libical/src/libical/icalmime.c:42:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalmime.c:42:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalmime.c:241:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(temp,str);
data/orage-4.12.1/libical/src/libical/icalparameter.c:275:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(out_buf, buf);
data/orage-4.12.1/libical/src/libical/icalparser.c:70:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalparser.c:70:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalparser.c:932:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(temp,"Cant parse as %s value in %s property. Removing entire property",
data/orage-4.12.1/libical/src/libical/icalparser.c:960:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(temp,"No value for %s property. Removing entire property",
data/orage-4.12.1/libical/src/libical/icalproperty.c:48:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalproperty.c:48:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalproperty.c:362:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (out_buf, buf);
data/orage-4.12.1/libical/src/libical/icalrecur.c:162:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icalrecur.c:162:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icaltime.c:54:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icaltime.c:54:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icaltime.c:340:2:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	snprintf(buf, size,fmt,tt.year,tt.month,tt.day,
data/orage-4.12.1/libical/src/libical/icaltimezone.c:43:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icaltimezone.c:43:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/orage-4.12.1/libical/src/libical/icaltimezone.c:422:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (tznames, standard_tzname);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:424:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (tznames + standard_len + 1, daylight_tzname);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1441:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if (sscanf (buf, "%4d%2d%2d %4d%2d%2d %s",
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1647:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (buffer, "%s%02i%02i", sign, hours, minutes);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1649:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (buffer, "%s%02i%02i%02i", sign, hours, minutes, seconds);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1662:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(zone_files_directory,path);
data/orage-4.12.1/libical/src/libical/icaltypes.c:39:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icaltypes.c:39:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalvalue.c:51:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalvalue.c:51:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/icalvalue.c:108:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(new->id, old->id);
data/orage-4.12.1/libical/src/libical/icalvalue.c:324:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(temp,"%s Values are not implemented",
data/orage-4.12.1/libical/src/libical/icalvalue.c:698:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(str,data);
data/orage-4.12.1/libical/src/libical/icalvalue.c:802:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (str, url);
data/orage-4.12.1/libical/src/libical/icalvalue.c:829:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(str,temp);
data/orage-4.12.1/libical/src/libical/icalvalue.c:839:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(str,temp);
data/orage-4.12.1/libical/src/libical/icalvalue.c:1301:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(szEncText, ptr);
data/orage-4.12.1/libical/src/libical/sspm.c:49:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/sspm.c:49:23:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf      _snprintf
data/orage-4.12.1/libical/src/libical/sspm.c:183:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(name,p);
data/orage-4.12.1/libical/src/libical/sspm.c:680:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(boundary,line);
data/orage-4.12.1/libical/src/libical/sspm.c:722:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(boundary,line);
data/orage-4.12.1/libical/src/libical/sspm.c:746:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(data,line);
data/orage-4.12.1/libical/src/libical/sspm.c:823:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(boundary,line);
data/orage-4.12.1/libical/src/libical/sspm.c:956:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(header_lines[current_line],buf);
data/orage-4.12.1/libical/src/libical/sspm.c:991:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(last_line,buf_start);
data/orage-4.12.1/libical/src/libical/sspm.c:1310:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf->pos, string);
data/orage-4.12.1/libical/src/libical/sspm.c:1481:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp,"Content-Type: %s/%s",major,minor);
data/orage-4.12.1/libical/src/libical/sspm.c:1486:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(temp,";boundary=\"%s\"",header->boundary);
data/orage-4.12.1/libical/src/libical/sspm.c:1493:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(temp,header->content_type_params[i]);
data/orage-4.12.1/libical/src/libical/sspm.c:1505:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(temp,"Content-Transfer-Encoding: %s\n",
data/orage-4.12.1/libical/src/libical/vsnprintf.c:107:1:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
vsnprintf(char *str, size_t n, char const *fmt, va_list ap)
data/orage-4.12.1/libical/src/libical/vsnprintf.c:109:1:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
vsnprintf(str, n, fmt, ap)
data/orage-4.12.1/libical/src/libical/vsnprintf.c:134:9:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
		ret = vsprintf(p, fmt, ap);
data/orage-4.12.1/libical/src/libical/vsnprintf.c:143:1:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
snprintf(char *str, size_t n, char const *fmt, ...)
data/orage-4.12.1/libical/src/libical/vsnprintf.c:145:1:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
snprintf(str, n, fmt, va_alist)
data/orage-4.12.1/libical/src/libical/vsnprintf.c:159:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	return (vsnprintf(str, n, fmt, ap));
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:88:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(path,impl->dir);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:90:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path,BOOKED_DIR);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:195:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dir,impl->dir);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:197:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(dir,BOOKED_DIR);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:215:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(path,impl->dir);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:217:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path,INCOMING_FILE);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:232:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(path,impl->dir);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:234:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path,PROP_FILE);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:249:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(path,impl->dir);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:251:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path,FBLIST_FILE);
data/orage-4.12.1/libical/src/libicalss/icalcluster.c:65:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icalcluster.c:65:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icalcluster.c:81:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(impl->id,ICALCLUSTER_ID);
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:87:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:87:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:318:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/%s",dset->dir,"SEQUENCE");
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:377:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(path,"%s/%s", dset->dir,(char*)pvl_data(dset->directory_iterator));
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:402:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(uidstring,"%d-%s",(int)getpid(),unamebuf.nodename);
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:404:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(uidstring,"%d-%s",(int)getpid(),"WINDOWS");  /* FIX: There must be an easy get the system name */
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:410:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(uidstring,icalproperty_get_uid(uid));
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:50:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:50:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf	_snprintf
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:364:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if(system(tmp) < 0){
data/orage-4.12.1/libical/src/libicalss/icalmessage.c:162:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tmp,
data/orage-4.12.1/libical/src/libicalss/icalmessage.c:165:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tmp,
data/orage-4.12.1/libical/src/libicalss/icalset.c:183:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf, path);
data/orage-4.12.1/libical/src/libicalss/icalset.c:197:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(bufptr, dp->d_name);
data/orage-4.12.1/libical/src/libicalss/icalssyacc.c:469:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:153:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(clock->tooltip_prev, res);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:180:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(line->prev, res);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:484:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    ||  sscanf(ret, OC_RC_COLOR
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:488:18:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
        gint i = sscanf(ret, OC_RC_COLOR , (unsigned int *)&color.red , (unsigned int *)&color.green , (unsigned int *)&color.blue);
data/orage-4.12.1/src/appointment.c:1906:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
            sscanf(color, ORAGE_COLOR_FORMAT, &red, &green, &blue);
data/orage-4.12.1/src/ical-code.c:4189:25:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                        sscanf(tmp, "UID:%sXFICAL_UID_LEN", ical_uid);
data/orage-4.12.1/src/ical-code.c:4192:25:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                        sscanf(uid, "UID:%sXFICAL_UID_LEN", ical_uid);
data/orage-4.12.1/src/reminder.c:874:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    status = system(cmd);
data/orage-4.12.1/src/reminder.c:1105:17:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
                sscanf(cur_alarm->alarm_time, XFICAL_APPT_DATE_FORMAT
data/orage-4.12.1/src/reminder.c:1110:17:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
                sscanf(cur_alarm->alarm_time, XFICAL_APPT_TIME_FORMAT
data/orage-4.12.1/src/tz_zoneinfo_read.c:793:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(zone_tab_file_name, tz_dir);
data/orage-4.12.1/src/tz_zoneinfo_read.c:794:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(zone_tab_file_name, ZONETAB_FILE);
data/orage-4.12.1/src/tz_zoneinfo_read.c:850:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(country_file_name, tz_dir);
data/orage-4.12.1/src/tz_zoneinfo_read.c:851:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(country_file_name, COUNTRY_FILE);
data/orage-4.12.1/tz_convert/tz_convert.c:1427:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "+0000000 -0000000 %s\n", timezone_name);
data/orage-4.12.1/src/interface.c:1008:29:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
    file = g_build_filename(g_get_home_dir(), "orage_export.ics", NULL);
data/orage-4.12.1/globaltime/globaltime.c:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char env_tz[256];
data/orage-4.12.1/globaltime/globaltime.c:399:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(clocks.time_now, "%02d:%02d", now->tm_hour, now->tm_min);
data/orage-4.12.1/globaltime/globaltime.c:401:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(clocks.time_now, "%02d:%02d-", now->tm_hour, now->tm_min);
data/orage-4.12.1/globaltime/globaltime.c:403:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(clocks.time_now, "%02d:%02d+", now->tm_hour, now->tm_min);
data/orage-4.12.1/globaltime/globaltime.c:529:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(clocks.time_now, "88:88");
data/orage-4.12.1/globaltime/gt_parfile.c:52:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "%uR %uG %uB", color->red, color->green, color->blue);
data/orage-4.12.1/globaltime/gt_prefs.c:365:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char env_tz[256];
data/orage-4.12.1/globaltime/timezone_selection.c:83:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char area_old[MAX_AREA_LENGTH+2]; /*+2 = / + null */
data/orage-4.12.1/globaltime/timezone_selection.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s_offset[100], s_country[100], s_changes[200], s_change[50]
data/orage-4.12.1/globaltime/timezone_selection.c:92:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(area_old, "S T a R T"); /* this never matches */
data/orage-4.12.1/libical/src/libical/icalarray.c:88:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy ((char *)(array->data) + ( array->num_elements * array->element_size ), element,
data/orage-4.12.1/libical/src/libical/icalarray.c:152:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(new_data,array->data,array->element_size*array->space_allocated);
data/orage-4.12.1/libical/src/libical/icalcomponent.c:60:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[5];
data/orage-4.12.1/libical/src/libical/icalcomponent.c:134:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(comp->id,"comp");
data/orage-4.12.1/libical/src/libical/icalcomponent.c:1256:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[20];
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2191:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *tzid_copy, *new_tzid, suffix_buf[32];
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2237:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	suffix = atoi (existing_tzid + existing_tzid_len);
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2247:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (suffix_buf, "%i", max_suffix + 1);
data/orage-4.12.1/libical/src/libical/icalduration.c:192:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[32];
data/orage-4.12.1/libical/src/libical/icalenums.c:109:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[36];
data/orage-4.12.1/libical/src/libical/icalenums.c:115:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(tmpbuf, "%i.%i", major, minor);
data/orage-4.12.1/libical/src/libical/icalerror.c:141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[160];
data/orage-4.12.1/libical/src/libical/icallangbind.c:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[25];
data/orage-4.12.1/libical/src/libical/icalmime.c:193:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mimetype[TMPSZ];			       
data/orage-4.12.1/libical/src/libical/icalmime.c:213:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char temp[256];
data/orage-4.12.1/libical/src/libical/icalparameter.c:59:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(v->id,"para");
data/orage-4.12.1/libical/src/libical/icalparameter.c:128:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new,old,sizeof(struct icalparameter_impl));
data/orage-4.12.1/libical/src/libical/icalparameterimpl.h:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[5];
data/orage-4.12.1/libical/src/libical/icalparser.c:88:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/icalparser.c:518:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[1024];
data/orage-4.12.1/libical/src/libical/icalparser.c:927:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char temp[200]; /* HACK */
data/orage-4.12.1/libical/src/libical/icalparser.c:955:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char temp[200]; /* HACK */
data/orage-4.12.1/libical/src/libical/icalproperty.c:66:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[5];
data/orage-4.12.1/libical/src/libical/icalproperty.c:107:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(prop->id,"prop");
data/orage-4.12.1/libical/src/libical/icalrecur.c:306:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	v = atoi(t) * sign ;
data/orage-4.12.1/libical/src/libical/icalrecur.c:448:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    parser.rt.count = atoi(value);
data/orage-4.12.1/libical/src/libical/icalrecur.c:452:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    parser.rt.interval = (short)atoi(value);
data/orage-4.12.1/libical/src/libical/icalrecur.c:520:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[20];
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1406:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];  /* Used to store each line of zones.tab as it is read. */
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1407:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char location[1024]; /* Stores the city name when parsing buf. */
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1430:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen (filename, "r");
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1509:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen (filename, "r");
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1587:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[8];
data/orage-4.12.1/libical/src/libical/icalvalue.c:79:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(v->id,"val");
data/orage-4.12.1/libical/src/libical/icalvalue.c:151:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(	new->data.v_recur, old->data.v_recur,
data/orage-4.12.1/libical/src/libical/icalvalue.c:323:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/icalvalue.c:359:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    value = icalvalue_new_integer(atoi(str));
data/orage-4.12.1/libical/src/libical/icalvalue.c:409:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/icalvalue.c:410:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(temp,"GEO Values are not implemented"); 
data/orage-4.12.1/libical/src/libical/icalvalue.c:518:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/icalvalue.c:536:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/icalvalue.c:640:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,"icalvalue_binary_as_ical_string is not implemented yet");
data/orage-4.12.1/libical/src/libical/icalvalue.c:682:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str,"%c%02d%02d%02d",sign,abs(h),abs(m),abs(s));
data/orage-4.12.1/libical/src/libical/icalvalue.c:684:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str,"%c%02d%02d",sign,abs(h),abs(m));
data/orage-4.12.1/libical/src/libical/icalvalue.c:821:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[20];
data/orage-4.12.1/libical/src/libical/icalvalue.c:824:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"%02d%02d%02dZ",data->hour,data->minute,data->second);
data/orage-4.12.1/libical/src/libical/icalvalue.c:826:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"%02d%02d%02d",data->hour,data->minute,data->second);
data/orage-4.12.1/libical/src/libical/icalvalue.c:835:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[20];
data/orage-4.12.1/libical/src/libical/icalvalue.c:837:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(temp,"%04d%02d%02d",data->year,data->month,data->day);
data/orage-4.12.1/libical/src/libical/icalvalue.c:900:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,"%f",data);
data/orage-4.12.1/libical/src/libical/icalvalue.c:915:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,"%f;%f",data.lat,data.lon);
data/orage-4.12.1/libical/src/libical/icalvalueimpl.h:45:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char id[5];
data/orage-4.12.1/libical/src/libical/sspm.c:75:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char temp[TMP_BUF_SIZE];
data/orage-4.12.1/libical/src/libical/sspm.c:152:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char name[1024];
data/orage-4.12.1/libical/src/libical/sspm.c:199:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char name[1024];
data/orage-4.12.1/libical/src/libical/sspm.c:213:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char value[1024];
data/orage-4.12.1/libical/src/libical/sspm.c:681:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(boundary,"--");
data/orage-4.12.1/libical/src/libical/sspm.c:708:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char msg[256];
data/orage-4.12.1/libical/src/libical/sspm.c:723:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    strcat(boundary,"--");
data/orage-4.12.1/libical/src/libical/sspm.c:809:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char msg[256];
data/orage-4.12.1/libical/src/libical/sspm.c:824:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    strcat(boundary,"--");
data/orage-4.12.1/libical/src/libical/sspm.c:923:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char header_lines[MAX_HEADER_LINES][BUF_SIZE]; /* HACK, hard limits */
data/orage-4.12.1/libical/src/libical/sspm.c:1172:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4] = {0,0,0,0};  
data/orage-4.12.1/libical/src/libical/sspm.c:1250:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[3];
data/orage-4.12.1/libical/src/libical/sspm.c:1252:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp,"=%02X",ch);
data/orage-4.12.1/libical/src/libical/sspm.c:1372:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char BaseTable[64] = {
data/orage-4.12.1/libical/src/libical/sspm.c:1382:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char outbuf[4];
data/orage-4.12.1/libical/src/libical/sspm.c:1418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inbuf[3];
data/orage-4.12.1/libical/src/libical/sspm.c:1467:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[TMP_BUF_SIZE];			       
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:190:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dir[PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:228:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:245:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalclusterimpl.h:40:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char		id[5];		/* clus */
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:310:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[128];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:311:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[ICAL_PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:323:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	f = fopen(filename,"w");
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:333:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( (f = fopen(filename,"r+")) != 0){
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:341:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    sequence = atoi(temp)+1;
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:360:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[ICAL_PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:387:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uidstring[ICAL_PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:423:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char clustername[ICAL_PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:582:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sql[256];
data/orage-4.12.1/libical/src/libicalss/icaldirset.c:672:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[ICAL_PATH_MAX];
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:118:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fset->fd = open(fset->path, flags, mode);
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:120:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fset->fd = open(fset->path, flags, mode);
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:342:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[ICAL_PATH_MAX]; 
data/orage-4.12.1/libical/src/libicalss/icalmessage.c:118:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[45];
data/orage-4.12.1/libical/src/libicalss/icalset.c:179:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char            buf[PATH_MAX],
data/orage-4.12.1/libical/src/libicalss/icalset.c:268:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, impl, sizeof(icalset));
data/orage-4.12.1/libical/src/libicalss/icalsslexer.c:546:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char yytext[YYLMAX];
data/orage-4.12.1/libical/src/libicalss/icalsslexer.c:645:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char yytext_r[YYLMAX];
data/orage-4.12.1/panel-plugin/oc_config.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *clock_rotation_array[3] = {_("No rotation"), _("Rotate left")
data/orage-4.12.1/panel-plugin/oc_config.c:381:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, _("Line %d:"), cur_line);
data/orage-4.12.1/panel-plugin/timezone_selection.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char area_old[MAX_AREA_LENGTH+2]; /*+2 = / + null */
data/orage-4.12.1/panel-plugin/timezone_selection.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s_offset[100], s_country[100], s_changes[200], s_change[50]
data/orage-4.12.1/panel-plugin/timezone_selection.c:93:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(area_old, "S T a R T"); /* this never matches */
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:131:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(clock_line->prev, "New line");
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:148:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res[OC_MAX_LINE_LENGTH-1];
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:160:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    res[OC_MAX_LINE_LENGTH-1];
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    res[OC_MAX_LINE_LENGTH-1], res_next[OC_MAX_LINE_LENGTH-1];
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:501:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(clock_line->prev, "New line");
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:553:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "data%d", i);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:556:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(tmp, "font%d", i);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:597:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "%uR %uG %uB"
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:607:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "%uR %uG %uB"
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:640:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "data%d", i);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:642:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "font%d", i);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:647:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "data%d", i);
data/orage-4.12.1/panel-plugin/xfce4-orageclock-plugin.c:649:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp, "font%d", i);
data/orage-4.12.1/src/appointment.c:1462:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(recur_exception->type, "RDATE");
data/orage-4.12.1/src/appointment.c:1467:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(recur_exception->type, "EXDATE");
data/orage-4.12.1/src/appointment.c:2741:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *availability_array[2] = {_("Free"), _("Busy")};
data/orage-4.12.1/src/appointment.c:3017:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *when_array[4] = {_("Before Start"), _("Before End")
data/orage-4.12.1/src/appointment.c:3296:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *recur_freq_array[6] = {
data/orage-4.12.1/src/appointment.c:3298:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *weekday_array[7] = {
data/orage-4.12.1/src/day-view.c:174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s_date, a_day[9];
data/orage-4.12.1/src/day-view.c:714:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(file_type, "O00.");
data/orage-4.12.1/src/day-view.c:952:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char text[5+1], *date, *today;
data/orage-4.12.1/src/event-list.c:478:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(file_type, "O00.");
data/orage-4.12.1/src/event-list.c:489:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(file_type, "A00.");
data/orage-4.12.1/src/event-list.c:566:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(file_type, "O00.");
data/orage-4.12.1/src/event-list.c:578:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(file_type, "A00.");
data/orage-4.12.1/src/event-list.c:607:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      a_day[9]; /* yyyymmdd */
data/orage-4.12.1/src/event-list.c:653:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      a_day[9];  /* yyyymmdd */
data/orage-4.12.1/src/event-list.c:668:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     a_day[9];  /* yyyymmdd */
data/orage-4.12.1/src/event-list.c:921:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *title, a_day[9];
data/orage-4.12.1/src/event-list.h:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     time_now[6]; /* hh:mm */
data/orage-4.12.1/src/event-list.h:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     date_now[XFICAL_APPT_TIME_FORMAT_LEN]; /* yyyymmddThhmmss */
data/orage-4.12.1/src/functions.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *formatted, time_stamp[10];
data/orage-4.12.1/src/functions.c:647:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char i18_time[128];
data/orage-4.12.1/src/functions.c:656:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char i18_date[128];
data/orage-4.12.1/src/functions.c:747:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char icaltime[XFICAL_APPT_TIME_FORMAT_LEN];
data/orage-4.12.1/src/functions.c:772:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char i18_time[10];
data/orage-4.12.1/src/ical-code.c:956:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char text[50];
data/orage-4.12.1/src/ical-code.c:2165:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(excp->type, "EXDATE");
data/orage-4.12.1/src/ical-code.c:2185:25:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                        strcpy(excp->type, "RDATE");
data/orage-4.12.1/src/ical-code.c:2347:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char file_type[8];
data/orage-4.12.1/src/ical-code.c:3204:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(file_type, "O00.");
data/orage-4.12.1/src/ical-code.c:4088:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *uid, ical_uid[XFICAL_UID_LEN+1];
data/orage-4.12.1/src/mainbox.c:79:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cur_date[9];
data/orage-4.12.1/src/mainbox.c:693:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      a_day[9];  /* yyyymmdd */
data/orage-4.12.1/src/mainbox.c:711:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(file_type, "O00.");
data/orage-4.12.1/src/mainbox.c:740:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      a_day[9];  /* yyyymmdd */
data/orage-4.12.1/src/mainbox.c:761:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(file_type, "O00.");
data/orage-4.12.1/src/reminder.c:556:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char heading[250];
data/orage-4.12.1/src/timezone_selection.c:83:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char area_old[MAX_AREA_LENGTH+2]; /*+2 = / + null */
data/orage-4.12.1/src/timezone_selection.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s_offset[100], s_country[100], s_changes[200], s_change[50]
data/orage-4.12.1/src/timezone_selection.c:92:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(area_old, "S T a R T"); /* this never matches */
data/orage-4.12.1/src/tray_icon.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cur_date[9];
data/orage-4.12.1/src/tz_zoneinfo_read.c:148:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(file_name, "r");
data/orage-4.12.1/src/tz_zoneinfo_read.c:357:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *str, *str_nl, cc[4];
data/orage-4.12.1/src/tz_zoneinfo_read.c:429:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s_next[101], s_prev[101];
data/orage-4.12.1/src/tz_zoneinfo_read.c:651:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    par_file = fopen(TZ_CONVERT_PAR_FILE_LOC, "r");
data/orage-4.12.1/src/tz_zoneinfo_read.c:790:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(tz_dir, "zoneinfo/"); /* now we have the base directory */
data/orage-4.12.1/src/tz_zoneinfo_read.c:798:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(zone_tab_file = fopen(zone_tab_file_name, "r"))) {
data/orage-4.12.1/src/tz_zoneinfo_read.c:844:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(tz_dir, "misc/"); /* this is shorter than "zoneinfo" so it is safe */
data/orage-4.12.1/src/tz_zoneinfo_read.c:846:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(tz_dir, "zoneinfo/"); /* now we have the base directory */
data/orage-4.12.1/src/tz_zoneinfo_read.c:854:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(country_file = fopen(country_file_name, "r"))) {
data/orage-4.12.1/src/tz_zoneinfo_read.c:891:28:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(zones_tab_file = fopen(ICAL_ZONES_TAB_FILE_LOC, "r"))) {
data/orage-4.12.1/tz_convert/tz_convert.c:135:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(file_name, "r");
data/orage-4.12.1/tz_convert/tz_convert.c:426:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(ical_file = fopen(out_file, "w"))) {
data/orage-4.12.1/tz_convert/tz_convert.c:455:31:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if (!(ical_file = fopen(out_file, "w"))) {
data/orage-4.12.1/tz_convert/tz_convert.c:640:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[100], until_date[31];
data/orage-4.12.1/tz_convert/tz_convert.c:1107:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    par_file = fopen(par_file_name, "w");
data/orage-4.12.1/tz_convert/tz_convert.c:1369:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ical_zone_tab = fopen(ical_zone, "r+"); 
data/orage-4.12.1/tz_convert/tz_convert.c:1374:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        ical_zone_tab = fopen(ical_zone, "w"); 
data/orage-4.12.1/tz_convert/tz_convert.c:1382:29:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            ical_zone_tab = fopen(ical_zone, "r+"); 
data/orage-4.12.1/globaltime/gt_prefs.c:379:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(gtk_entry_get_text(GTK_ENTRY(modify_clock->name_entry))) 
data/orage-4.12.1/globaltime/timezone_selection.c:163:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change_time, " ");
data/orage-4.12.1/globaltime/timezone_selection.c:172:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change, " ");
data/orage-4.12.1/globaltime/timezone_selection.c:192:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_country, " ");
data/orage-4.12.1/globaltime/timezone_selection.c:198:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_country, " ");
data/orage-4.12.1/globaltime/timezone_selection.c:199:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_changes, " ");
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2248:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_tzid = malloc (tzid_len + strlen (suffix_buf) + 1);
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2254:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (new_tzid, tzid, tzid_len);
data/orage-4.12.1/libical/src/libical/icalcomponent.c:2267:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (tzid);
data/orage-4.12.1/libical/src/libical/icalduration.c:87:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int size = strlen(str);
data/orage-4.12.1/libical/src/libical/icallangbind.c:209:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            char* copy = (char*) malloc(strlen(str)+1);
data/orage-4.12.1/libical/src/libical/icallangbind.c:301:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t buf_size = 2 * strlen(str);
data/orage-4.12.1/libical/src/libical/icalmemory.c:230:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char* b = icalmemory_tmp_buffer(strlen(str)+1);
data/orage-4.12.1/libical/src/libical/icalmemory.c:310:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length = strlen(string);
data/orage-4.12.1/libical/src/libical/icalparameter.c:274:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    out_buf = icalmemory_tmp_buffer(strlen(buf));
data/orage-4.12.1/libical/src/libical/icalparser.c:191:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf,start,size);
data/orage-4.12.1/libical/src/libical/icalparser.c:266:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	next = (char*)(size_t)line+(size_t)strlen(line);\
data/orage-4.12.1/libical/src/libical/icalparser.c:291:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t length = strlen(line);
data/orage-4.12.1/libical/src/libical/icalparser.c:646:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (str == 0 || strlen(str) == 0 ){
data/orage-4.12.1/libical/src/libical/icalparser.c:1060:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size = strlen(data->pos);
data/orage-4.12.1/libical/src/libical/icalparser.c:1071:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(out,data->pos,size);
data/orage-4.12.1/libical/src/libical/icalproperty.c:325:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen (text);
data/orage-4.12.1/libical/src/libical/icalproperty.c:361:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    out_buf = icalmemory_tmp_buffer (strlen (buf) + 1);
data/orage-4.12.1/libical/src/libical/icalrecur.c:362:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end = (char*)vals_copy+strlen(vals_copy);
data/orage-4.12.1/libical/src/libical/icaltime.c:384:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(str);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:419:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	standard_len = strlen (standard_tzname);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:420:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	daylight_len = strlen (daylight_tzname);
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1418:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filename_len = strlen (get_zone_directory()) + strlen (ZONES_TAB_FILENAME)
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1418:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filename_len = strlen (get_zone_directory()) + strlen (ZONES_TAB_FILENAME)
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1498:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filename_len = strlen (get_zone_directory()) + strlen (zone->location) + 6;
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1498:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filename_len = strlen (get_zone_directory()) + strlen (zone->location) + 6;
data/orage-4.12.1/libical/src/libical/icaltimezone.c:1659:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	zone_files_directory = malloc(strlen(path)+1);
data/orage-4.12.1/libical/src/libical/icalvalue.c:185:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char* out = (char*)malloc(sizeof(char) * strlen(str) +1);
data/orage-4.12.1/libical/src/libical/icalvalue.c:696:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    str = (char*)icalmemory_tmp_buffer(strlen(data)+1);   
data/orage-4.12.1/libical/src/libical/icalvalue.c:724:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf_sz = strlen(value->data.v_string)+1;
data/orage-4.12.1/libical/src/libical/icalvalue.c:801:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = icalmemory_tmp_buffer (strlen (url) + 1);
data/orage-4.12.1/libical/src/libical/icalvalue.c:860:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(str,"T");
data/orage-4.12.1/libical/src/libical/icalvalue.c:1295:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((int)strlen(ptr) >= nMaxBufferLen)
data/orage-4.12.1/libical/src/libical/sspm.c:163:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p+=strlen(parameter);
data/orage-4.12.1/libical/src/libical/sspm.c:181:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(name,p,(size_t)s-(size_t)p);
data/orage-4.12.1/libical/src/libical/sspm.c:203:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(name,line,(size_t)c-(size_t)line);
data/orage-4.12.1/libical/src/libical/sspm.c:226:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	s = c+strlen(line);
data/orage-4.12.1/libical/src/libical/sspm.c:448:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		   strlen(major_content_type_map[i].str))==0){
data/orage-4.12.1/libical/src/libical/sspm.c:472:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		   strlen(minor_content_type_map[i].str))==0){
data/orage-4.12.1/libical/src/libical/sspm.c:676:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if((boundary = (char*)malloc(strlen(line)+5)) == 0){
data/orage-4.12.1/libical/src/libical/sspm.c:718:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if((boundary = (char*)malloc(strlen(line)+5)) == 0){
data/orage-4.12.1/libical/src/libical/sspm.c:735:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    *size = strlen(line);
data/orage-4.12.1/libical/src/libical/sspm.c:819:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if((boundary = (char*)malloc(strlen(line)+5)) == 0){
data/orage-4.12.1/libical/src/libical/sspm.c:954:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		assert(strlen(buf) < BUF_SIZE);
data/orage-4.12.1/libical/src/libical/sspm.c:973:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		end = (char*) ( (size_t)strlen(last_line)+
data/orage-4.12.1/libical/src/libical/sspm.c:981:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (last_line[strlen(last_line)-1] == '\n'){
data/orage-4.12.1/libical/src/libical/sspm.c:982:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    last_line[strlen(last_line)-1] = '\0';
data/orage-4.12.1/libical/src/libical/sspm.c:989:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		assert( strlen(buf_start) + strlen(last_line) < BUF_SIZE);
data/orage-4.12.1/libical/src/libical/sspm.c:989:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		assert( strlen(buf_start) + strlen(last_line) < BUF_SIZE);
data/orage-4.12.1/libical/src/libical/sspm.c:1293:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    string_length = strlen(string);
data/orage-4.12.1/libical/src/libical/sspm.c:1593:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(buf.buffer[strlen(buf.buffer)-1] != '\n'){
data/orage-4.12.1/libical/src/libical/vsnprintf.c:96:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(str, p, n-1);
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:89:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path,"/");
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:196:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(dir,"/");
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:216:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path,"/");
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:233:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path,"/");
data/orage-4.12.1/libical/src/libicalss/icalcalendar.c:250:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path,"/");
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:189:5:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if(read(fd,p,1) != 1 || *p=='\n'){
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:382:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	sz=write(fset->fd,str,strlen(str));
data/orage-4.12.1/libical/src/libicalss/icalfileset.c:384:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ( sz != strlen(str)){
data/orage-4.12.1/libical/src/libicalss/icalset.c:184:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bufptr = buf + strlen(buf);
data/orage-4.12.1/libical/src/libicalss/icalsslexer.c:838:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/orage-4.12.1/libical/src/libicalss/icalssyacc.c:535:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/orage-4.12.1/libical/src/libicalss/icalssyacc.c:1298:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = s+strlen(s)-1;
data/orage-4.12.1/panel-plugin/timezone_selection.c:164:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change_time, " ");
data/orage-4.12.1/panel-plugin/timezone_selection.c:173:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change, " ");
data/orage-4.12.1/panel-plugin/timezone_selection.c:193:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_country, " ");
data/orage-4.12.1/panel-plugin/timezone_selection.c:199:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_country, " ");
data/orage-4.12.1/panel-plugin/timezone_selection.c:200:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_changes, " ");
data/orage-4.12.1/src/appointment.c:694:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(appSound_entry_filename) > 0)
data/orage-4.12.1/src/appointment.c:884:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen(tmp);
data/orage-4.12.1/src/appointment.c:1459:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(text);
data/orage-4.12.1/src/appointment.c:1463:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(recur_exception->time, orage_i18_time_to_icaltime(text), 16);
data/orage-4.12.1/src/appointment.c:1476:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(recur_exception->time, orage_i18_date_to_icaldate(text), 16);
data/orage-4.12.1/src/appointment.c:1478:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(recur_exception->time, orage_i18_time_to_icaltime(text), 16);
data/orage-4.12.1/src/appointment.c:1486:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(recur_exception->time, orage_i18_time_to_icaltime(text), 16);
data/orage-4.12.1/src/appointment.c:1488:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(recur_exception->time, orage_i18_date_to_icaldate(text), 16);
data/orage-4.12.1/src/appointment.c:1549:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(tmp_type, "-");
data/orage-4.12.1/src/appointment.c:1551:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(tmp_type, "+");
data/orage-4.12.1/src/appointment.c:1553:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(tmp_type, p_type, 1);
data/orage-4.12.1/src/appointment.c:1660:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(appt->starttime) > 6 ) {
data/orage-4.12.1/src/appointment.c:1689:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(appt->endtime) > 6 ) {
data/orage-4.12.1/src/appointment.c:1726:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(appt->completedtime) > 6 ) {
data/orage-4.12.1/src/appointment.c:2206:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                , _(" *** COPY ***"), strlen(_(" *** COPY ***")), &i);
data/orage-4.12.1/src/day-view.c:177:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(a_day, orage_i18_date_to_icaldate(s_date), 8);
data/orage-4.12.1/src/day-view.c:555:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tip_note = g_markup_escape_text(tmp_note, strlen(tmp_note));
data/orage-4.12.1/src/day-view.c:707:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dw->a_day, orage_i18_date_to_icaldate(s_date), 8);
data/orage-4.12.1/src/event-list.c:320:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(start_time, stime, len);
data/orage-4.12.1/src/event-list.c:323:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
            strncpy(end_time, "99999", len); /* long in the future*/
data/orage-4.12.1/src/event-list.c:325:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(end_time, stime+len, len);
data/orage-4.12.1/src/event-list.c:422:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((tmp = g_strstr_len(tmp_note, strlen(tmp_note), "\n")) != NULL) {
data/orage-4.12.1/src/event-list.c:424:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((strlen(tmp_note)-strlen(tmp)) < len)
data/orage-4.12.1/src/event-list.c:424:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((strlen(tmp_note)-strlen(tmp)) < len)
data/orage-4.12.1/src/event-list.c:425:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(tmp_note)-strlen(tmp);
data/orage-4.12.1/src/event-list.c:425:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(tmp_note)-strlen(tmp);
data/orage-4.12.1/src/event-list.c:624:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
        strncpy(a_day, "19000101", 8); 
data/orage-4.12.1/src/event-list.c:635:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(a_day, stime, 8);
data/orage-4.12.1/src/event-list.c:659:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(a_day, stime, 8);
data/orage-4.12.1/src/event-list.c:661:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(el->date_now, stime, XFICAL_APPT_TIME_FORMAT_LEN-1);
data/orage-4.12.1/src/event-list.c:671:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(a_day, orage_i18_date_to_icaldate(gtk_button_get_label(
data/orage-4.12.1/src/event-list.c:924:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(a_day, orage_i18_date_to_icaldate(title), 8);
data/orage-4.12.1/src/functions.c:345:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (cur = text; cur && (cmd = strstr(cur, old)); cur = cmd + strlen(old)) {
data/orage-4.12.1/src/functions.c:421:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int text_len=strlen(text);
data/orage-4.12.1/src/ical-archive.c:122:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gint x_len = strlen("X-ORAGE-ORIG-");
data/orage-4.12.1/src/ical-code.c:1200:275:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                orage_message(110, "appt_add_exceptions_internal: EXDATE is date (%s) (%d). There is libical bug http://sourceforge.net/tracker/?func=detail&aid=2901161&group_id=16077&atid=116077 which causes that excluded dates do not work properly in Orage.", excp->time, strlen(excp->time));
data/orage-4.12.1/src/ical-code.c:2161:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(text) > 16) 
data/orage-4.12.1/src/ical-code.c:2180:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strlen(text) > 16) 
data/orage-4.12.1/src/ical-code.c:2353:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(file_type, uid, 4); /* file id */
data/orage-4.12.1/src/ical-code.c:3838:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(appt->starttimecur, icaltime_as_ical_string(sdate), 16);
data/orage-4.12.1/src/ical-code.c:3840:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(appt->endtimecur, icaltime_as_ical_string(edate), 16);
data/orage-4.12.1/src/ical-code.c:4019:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            next += strlen(str);
data/orage-4.12.1/src/ical-code.c:4054:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            prev += strlen(str);
data/orage-4.12.1/src/ical-code.c:4063:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                prev -= strlen(str);
data/orage-4.12.1/src/ical-code.c:4105:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (text_len == strlen(text_upper)) {
data/orage-4.12.1/src/ical-code.c:4121:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    , text_len, strlen(text_upper));
data/orage-4.12.1/src/ical-code.c:4131:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        beg -= strlen("\nBEGIN:"); /* we need to be able to find first, too */
data/orage-4.12.1/src/ical-code.c:4193:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strlen(ical_uid) > XFICAL_UID_LEN-2) {
data/orage-4.12.1/src/ical-expimp.c:145:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         tmp = g_strstr_len(tmp, strlen(tmp), "DCREATED:")) {
data/orage-4.12.1/src/ical-expimp.c:146:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tmp2 = tmp+strlen("DCREATED:yyyymmddThhmmss");
data/orage-4.12.1/src/ical-expimp.c:167:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         tmp = g_strstr_len(tmp, strlen(tmp), ";TZID=/")) {
data/orage-4.12.1/src/ical-expimp.c:392:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(uid) < 5) {
data/orage-4.12.1/src/ical-expimp.c:397:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        uid_end = g_strstr_len((const gchar *)uid, strlen(uid), ",");
data/orage-4.12.1/src/interface.c:463:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    , strlen(filename), ",");
data/orage-4.12.1/src/interface.c:870:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        , strlen(file), &pos);
data/orage-4.12.1/src/mainbox.c:85:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(cur_date, orage_cal_to_icaldate(GTK_CALENDAR(cal->mCalendar)), 8);
data/orage-4.12.1/src/mainbox.c:483:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tmp = g_markup_escape_text(tmp_note, strlen(tmp_note));
data/orage-4.12.1/src/mainbox.c:706:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(a_day, s_time, 8);
data/orage-4.12.1/src/mainbox.c:757:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(a_day, s_time, 8);
data/orage-4.12.1/src/parameters.c:381:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (g_par.sound_application == NULL || strlen(g_par.sound_application) == 0
data/orage-4.12.1/src/parameters.c:1106:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gint tz_offset = strlen("/usr/share/zoneinfo/");
data/orage-4.12.1/src/reminder.c:564:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(heading,  _("Reminder "), 100);
data/orage-4.12.1/src/reminder.c:866:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sep += strlen(" - "); /* points now to the end-time */
data/orage-4.12.1/src/reminder.c:1103:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(cur_alarm->alarm_time) < XFICAL_APPT_DATE_FORMAT_LEN) { 
data/orage-4.12.1/src/reminder.c:1139:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        , strlen(cur_alarm->title))
data/orage-4.12.1/src/timezone_selection.c:175:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change_time, " ");
data/orage-4.12.1/src/timezone_selection.c:184:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_change, " ");
data/orage-4.12.1/src/timezone_selection.c:204:17:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                strcpy(s_country, " ");
data/orage-4.12.1/src/timezone_selection.c:210:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_country, " ");
data/orage-4.12.1/src/timezone_selection.c:211:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(s_changes, " ");
data/orage-4.12.1/src/tz_zoneinfo_read.c:277:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            printf("Abbr:%d (%d)(%s)\n", i, (int)strlen((char *)(tmp + i))
data/orage-4.12.1/src/tz_zoneinfo_read.c:279:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i += strlen((char *)(tmp + i));
data/orage-4.12.1/src/tz_zoneinfo_read.c:371:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tz_array.cc[tz_array.count], ++str_nl, 2);
data/orage-4.12.1/src/tz_zoneinfo_read.c:392:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tz_array.country[tz_array.count], str, (str_nl - str));
data/orage-4.12.1/src/tz_zoneinfo_read.c:553:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            + strlen("zoneinfo/")]);
data/orage-4.12.1/src/tz_zoneinfo_read.c:722:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tz_len = strlen(tz);
data/orage-4.12.1/src/tz_zoneinfo_read.c:738:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        in_timezone_name = strdup(&in_file[in_file_base_offset + strlen(tz2)]);
data/orage-4.12.1/src/tz_zoneinfo_read.c:779:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int zoneinfo_len=strlen("zoneinfo/");
data/orage-4.12.1/src/tz_zoneinfo_read.c:788:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tz_dir, in_file, in_file_base_offset);
data/orage-4.12.1/src/tz_zoneinfo_read.c:792:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    zone_tab_file_name = malloc(strlen(tz_dir) + strlen(ZONETAB_FILE) + 1);
data/orage-4.12.1/src/tz_zoneinfo_read.c:792:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    zone_tab_file_name = malloc(strlen(tz_dir) + strlen(ZONETAB_FILE) + 1);
data/orage-4.12.1/src/tz_zoneinfo_read.c:831:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int zoneinfo_len=strlen("zoneinfo/");
data/orage-4.12.1/src/tz_zoneinfo_read.c:841:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tz_dir, in_file, in_file_base_offset);
data/orage-4.12.1/src/tz_zoneinfo_read.c:849:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    country_file_name = malloc(strlen(tz_dir) + strlen(COUNTRY_FILE) + 1);
data/orage-4.12.1/src/tz_zoneinfo_read.c:849:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    country_file_name = malloc(strlen(tz_dir) + strlen(COUNTRY_FILE) + 1);
data/orage-4.12.1/tz_convert/tz_convert.c:264:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            printf("Abbr:%d (%d)(%s)\n", i, (int)strlen((char *)(tmp + i))
data/orage-4.12.1/tz_convert/tz_convert.c:266:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i += strlen((char *)(tmp + i));
data/orage-4.12.1/tz_convert/tz_convert.c:345:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    out_file_name_len = strlen(out_file);
data/orage-4.12.1/tz_convert/tz_convert.c:346:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    backup_ending_len = strlen(backup_ending);
data/orage-4.12.1/tz_convert/tz_convert.c:350:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(backup_out_file, out_file, out_file_name_len);
data/orage-4.12.1/tz_convert/tz_convert.c:352:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat(backup_out_file, backup_ending, backup_ending_len);
data/orage-4.12.1/tz_convert/tz_convert.c:396:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        in_file_name_len = strlen(&in_file_name[in_file_base_offset]);
data/orage-4.12.1/tz_convert/tz_convert.c:397:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ical_ending_len = strlen(ical_ending);
data/orage-4.12.1/tz_convert/tz_convert.c:401:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(out_file, &in_file_name[in_file_base_offset], in_file_name_len);
data/orage-4.12.1/tz_convert/tz_convert.c:403:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
        strncat(out_file, ical_ending, ical_ending_len);
data/orage-4.12.1/tz_convert/tz_convert.c:408:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                + strlen("zoneinfo/")]);
data/orage-4.12.1/tz_convert/tz_convert.c:479:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(data);
data/orage-4.12.1/tz_convert/tz_convert.c:1113:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = in_file_base_offset + strlen("zoneinfo");
data/orage-4.12.1/tz_convert/tz_convert.c:1116:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (len <= strlen(in_file)) {
data/orage-4.12.1/tz_convert/tz_convert.c:1365:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(timezone_name), buf_len;
data/orage-4.12.1/tz_convert/tz_convert.c:1439:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buf_len = strlen(&ical_zone_buf[offset-18]);
data/orage-4.12.1/tz_convert/tz_convert.c:1580:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tz_len = strlen(tz);
data/orage-4.12.1/tz_convert/tz_convert.c:1596:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        in_timezone_name = strdup(&in_file[in_file_base_offset + strlen(tz2)]);

ANALYSIS SUMMARY:

Hits = 464
Lines analyzed = 59348 in approximately 1.53 seconds (38679 lines/second)
Physical Source Lines of Code (SLOC) = 40701
Hits@level = [0] 314 [1] 177 [2] 179 [3]   1 [4] 107 [5]   0
Hits@level+ = [0+] 778 [1+] 464 [2+] 287 [3+] 108 [4+] 107 [5+]   0
Hits/KSLOC@level+ = [0+] 19.115 [1+] 11.4002 [2+] 7.05142 [3+] 2.6535 [4+] 2.62893 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.