Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pgn2web-0.4/bool.h
Examining data/pgn2web-0.4/chess.c
Examining data/pgn2web-0.4/chess.h
Examining data/pgn2web-0.4/nag.h
Examining data/pgn2web-0.4/pgn2web.h
Examining data/pgn2web-0.4/pgn2web.c
Examining data/pgn2web-0.4/cli.c
Examining data/pgn2web-0.4/gui.h
Examining data/pgn2web-0.4/gui.cpp

FINAL RESULTS:

data/pgn2web-0.4/cli.c:60:5:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp("p2wgui", 0);

data/pgn2web-0.4/cli.c:94:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, INSTALL_PATH);

data/pgn2web-0.4/cli.c:96:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(path, argv[arg + 1]);

data/pgn2web-0.4/pgn2web.c:102:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(board_filename, resource_path);

data/pgn2web-0.4/pgn2web.c:107:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(frame_filename, resource_path);

data/pgn2web-0.4/pgn2web.c:112:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(game_filename, resource_path);

data/pgn2web-0.4/pgn2web.c:117:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(single_filename, resource_path);

data/pgn2web-0.4/pgn2web.c:139:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(src, resource_path);

data/pgn2web-0.4/pgn2web.c:144:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dest, html_filename);

data/pgn2web-0.4/pgn2web.c:154:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, dest);

data/pgn2web-0.4/pgn2web.c:156:3:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);

data/pgn2web-0.4/pgn2web.c:159:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, src);

data/pgn2web-0.4/pgn2web.c:161:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, dest);

data/pgn2web-0.4/pgn2web.c:163:3:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);

data/pgn2web-0.4/pgn2web.c:166:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, src);

data/pgn2web-0.4/pgn2web.c:168:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(command, dest);

data/pgn2web-0.4/pgn2web.c:170:3:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);

data/pgn2web-0.4/pgn2web.c:286:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(board_filename, html_filename);

data/pgn2web-0.4/pgn2web.c:350:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(board_url, html_filename);

data/pgn2web-0.4/pgn2web.c:354:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(game_url, html_filename);

data/pgn2web-0.4/pgn2web.c:417:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*moves, variation->buffer);

data/pgn2web-0.4/pgn2web.c:511:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(url, html_filename);

data/pgn2web-0.4/pgn2web.c:527:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*game_list, url);

data/pgn2web-0.4/pgn2web.c:529:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*game_list, white);

data/pgn2web-0.4/pgn2web.c:531:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*game_list, black);

data/pgn2web-0.4/pgn2web.c:533:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*game_list, date);

data/pgn2web-0.4/pgn2web.c:566:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(extension, insert_point);

data/pgn2web-0.4/pgn2web.c:570:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, suffix);

data/pgn2web-0.4/pgn2web.c:575:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(insert_point, suffix);

data/pgn2web-0.4/pgn2web.c:576:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, extension);

data/pgn2web-0.4/pgn2web.c:587:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(root_path, SEPERATOR_STRING);

data/pgn2web-0.4/pgn2web.c:591:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(root_path, path + 1);

data/pgn2web-0.4/pgn2web.c:594:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(root_path, path);

data/pgn2web-0.4/pgn2web.c:649:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(game_filename, html_filename);

data/pgn2web-0.4/pgn2web.c:675:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(FEN, INITIAL_POSITION);

data/pgn2web-0.4/pgn2web.c:838:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*notation, token);

data/pgn2web-0.4/pgn2web.c:841:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, temp_pointer);

data/pgn2web-0.4/pgn2web.c:842:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:849:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*notation, token);

data/pgn2web-0.4/pgn2web.c:861:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, token + 1);

data/pgn2web-0.4/pgn2web.c:862:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:882:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(*notation, NAGS[nag]);

data/pgn2web-0.4/pgn2web.c:889:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, temp_pointer);

data/pgn2web-0.4/pgn2web.c:890:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:896:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, token + 1);

data/pgn2web-0.4/pgn2web.c:897:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:943:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, token + 1);

data/pgn2web-0.4/pgn2web.c:944:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:959:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, token + 1);

data/pgn2web-0.4/pgn2web.c:960:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp);

data/pgn2web-0.4/pgn2web.c:969:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, token);

data/pgn2web-0.4/pgn2web.c:979:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(token, temp_pointer);

data/pgn2web-0.4/pgn2web.c:981:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(move_string, temp);

data/pgn2web-0.4/pgn2web.c:1012:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(*notation + strlen(*notation), "<a class=\"move\" href=\"javascript:parent.board.jumpto(%d, %d);\" id=\"v%dm%d\">%s</a>", current->id, current->relative_move, current->id, current->relative_move, move_string);

data/pgn2web-0.4/pgn2web.c:1015:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(*notation + strlen(*notation), "<a class=\"move\" href=\"javascript:jumpto(%d, %d);\" id=\"v%dm%d\">%s</a>", current->id, current->relative_move, current->id, current->relative_move, move_string);

data/pgn2web-0.4/pgn2web.c:1096:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, SEPERATOR_STRING);

data/pgn2web-0.4/pgn2web.c:1113:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(copy, path_end + 1);

data/pgn2web-0.4/pgn2web.c:1114:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, copy);

data/pgn2web-0.4/cli.c:95:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(path, "/images/");

data/pgn2web-0.4/pgn2web.c:121:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((pgn = fopen(pgn_filename, "r")) == NULL) {

data/pgn2web-0.4/pgn2web.c:128:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((template = fopen(template_filename, "r")) == NULL) {

data/pgn2web-0.4/pgn2web.c:153:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(command, "MD \"");

data/pgn2web-0.4/pgn2web.c:158:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(command, "COPY \"");

data/pgn2web-0.4/pgn2web.c:160:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(command, "\" \"");

data/pgn2web-0.4/pgn2web.c:165:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(command, "cp -r \"");

data/pgn2web-0.4/pgn2web.c:167:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(command, "\" \"");

data/pgn2web-0.4/pgn2web.c:273:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string + strlen(string), "%d,%d,%d,%d,", js_move[0], js_move[1], js_move[2], js_move[3]);

data/pgn2web-0.4/pgn2web.c:280:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];

data/pgn2web-0.4/pgn2web.c:290:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((template = fopen(template_filename, "r")) == NULL) {

data/pgn2web-0.4/pgn2web.c:294:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((board = fopen(board_filename, "w")) == NULL) {

data/pgn2web-0.4/pgn2web.c:343:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];

data/pgn2web-0.4/pgn2web.c:359:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((template = fopen(frame_filename, "r")) == NULL) {

data/pgn2web-0.4/pgn2web.c:363:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((frame = fopen(html_filename, "w")) == NULL) {

data/pgn2web-0.4/pgn2web.c:401:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(*moves + strlen(*moves), "parents[%d] = new Array(", variation->id);

data/pgn2web-0.4/pgn2web.c:403:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(*moves + strlen(*moves), "%d,%d);\n", variation->parent->id, variation->parent_move);

data/pgn2web-0.4/pgn2web.c:406:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(*moves + strlen(*moves), "-1,%d);\n", variation->parent_move);

data/pgn2web-0.4/pgn2web.c:482:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];

data/pgn2web-0.4/pgn2web.c:483:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char white[256];

data/pgn2web-0.4/pgn2web.c:484:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char black[256];

data/pgn2web-0.4/pgn2web.c:485:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date[256];

data/pgn2web-0.4/pgn2web.c:490:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char game_index[32];

data/pgn2web-0.4/pgn2web.c:513:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(game_index, "%d", game);

data/pgn2web-0.4/pgn2web.c:526:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*game_list, "<option value=\"");

data/pgn2web-0.4/pgn2web.c:528:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*game_list, "\">");

data/pgn2web-0.4/pgn2web.c:530:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*game_list, " - ");

data/pgn2web-0.4/pgn2web.c:626:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char game_index[32];

data/pgn2web-0.4/pgn2web.c:629:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];

data/pgn2web-0.4/pgn2web.c:631:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char event[256];

data/pgn2web-0.4/pgn2web.c:632:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char site[256];

data/pgn2web-0.4/pgn2web.c:633:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date[256];

data/pgn2web-0.4/pgn2web.c:634:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char round[256];

data/pgn2web-0.4/pgn2web.c:635:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char white[256];

data/pgn2web-0.4/pgn2web.c:636:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char black[256];

data/pgn2web-0.4/pgn2web.c:637:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[256];

data/pgn2web-0.4/pgn2web.c:638:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char FEN[256];

data/pgn2web-0.4/pgn2web.c:650:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(game_index, "%d", game);

data/pgn2web-0.4/pgn2web.c:653:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((html = fopen(game_filename, "w")) == NULL) {

data/pgn2web-0.4/pgn2web.c:776:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char move_string[256];

data/pgn2web-0.4/pgn2web.c:777:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[256];

data/pgn2web-0.4/pgn2web.c:778:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[256];

data/pgn2web-0.4/pgn2web.c:789:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(root->buffer, "moves[%d] = new Array(", root->id);

data/pgn2web-0.4/pgn2web.c:802:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(*notation, "<b>");

data/pgn2web-0.4/pgn2web.c:809:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*notation, "</b>");

data/pgn2web-0.4/pgn2web.c:810:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(current->buffer, "-1,-1,-1,-1);\n"); /* exit loop if none */

data/pgn2web-0.4/pgn2web.c:858:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*notation, "</b>");

data/pgn2web-0.4/pgn2web.c:869:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(current->buffer, "-1,-1,-1,-1);\n");

data/pgn2web-0.4/pgn2web.c:899:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*notation, "</b>");

data/pgn2web-0.4/pgn2web.c:919:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(new->buffer, "moves[%d] = new Array(", new->id);

data/pgn2web-0.4/pgn2web.c:949:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(current->buffer, "-1,-1,-1,-1);\n");

data/pgn2web-0.4/pgn2web.c:999:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(*notation, "<p><b>");

data/pgn2web-0.4/pgn2web.c:1003:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(*notation + strlen(*notation), "%d.", (current->actual_move + 1) / 2);

data/pgn2web-0.4/pgn2web.c:1007:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(*notation + strlen(*notation), "%d... ", (current->actual_move + 1) / 2);

data/pgn2web-0.4/chess.c:153:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(pos = strlen(notation) - 1; pos >= 0; pos--) {

data/pgn2web-0.4/cli.c:93:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = (char*)calloc(strlen(INSTALL_PATH) + strlen("/images/") + strlen(argv[arg + 1]) + 1, sizeof(char));

data/pgn2web-0.4/cli.c:93:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = (char*)calloc(strlen(INSTALL_PATH) + strlen("/images/") + strlen(argv[arg + 1]) + 1, sizeof(char));

data/pgn2web-0.4/cli.c:93:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = (char*)calloc(strlen(INSTALL_PATH) + strlen("/images/") + strlen(argv[arg + 1]) + 1, sizeof(char));

data/pgn2web-0.4/pgn2web.c:100:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  board_filename = (char*)calloc(strlen(resource_path) + strlen(board_template) + 2,

data/pgn2web-0.4/pgn2web.c:100:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  board_filename = (char*)calloc(strlen(resource_path) + strlen(board_template) + 2,

data/pgn2web-0.4/pgn2web.c:105:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  frame_filename = (char*)calloc(strlen(resource_path) + strlen(frame_template) + 2,

data/pgn2web-0.4/pgn2web.c:105:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  frame_filename = (char*)calloc(strlen(resource_path) + strlen(frame_template) + 2,

data/pgn2web-0.4/pgn2web.c:110:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  game_filename = (char*)calloc(strlen(resource_path) + strlen(game_template) + 2,

data/pgn2web-0.4/pgn2web.c:110:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  game_filename = (char*)calloc(strlen(resource_path) + strlen(game_template) + 2,

data/pgn2web-0.4/pgn2web.c:115:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  single_filename = (char*)calloc(strlen(resource_path) + strlen(single_template) + 2,

data/pgn2web-0.4/pgn2web.c:115:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  single_filename = (char*)calloc(strlen(resource_path) + strlen(single_template) + 2,

data/pgn2web-0.4/pgn2web.c:137:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src = (char*)calloc(strlen(resource_path) + strlen("images") + strlen(pieces) + 3,

data/pgn2web-0.4/pgn2web.c:137:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
src = (char*)calloc(strlen(resource_path) + strlen("images") + strlen(pieces) + 3, data/pgn2web-0.4/pgn2web.c:137:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = (char*)calloc(strlen(resource_path) + strlen("images") + strlen(pieces) + 3, data/pgn2web-0.4/pgn2web.c:143:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest = (char*)calloc(strlen(html_filename) + strlen(pieces) + 2, sizeof(char)); data/pgn2web-0.4/pgn2web.c:143:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest = (char*)calloc(strlen(html_filename) + strlen(pieces) + 2, sizeof(char)); data/pgn2web-0.4/pgn2web.c:150:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). command = (char*)calloc(strlen(src) + strlen(dest) + 32, sizeof(char)); data/pgn2web-0.4/pgn2web.c:150:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). command = (char*)calloc(strlen(src) + strlen(dest) + 32, sizeof(char)); data/pgn2web-0.4/pgn2web.c:155:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(command, "\""); data/pgn2web-0.4/pgn2web.c:162:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(command, "\""); data/pgn2web-0.4/pgn2web.c:169:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(command, "\""); data/pgn2web-0.4/pgn2web.c:188:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((test = getc(pgn)) != '[' && test != EOF) { data/pgn2web-0.4/pgn2web.c:206:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((test = getc(pgn)) != '[' && test != EOF) { data/pgn2web-0.4/pgn2web.c:273:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(string + strlen(string), "%d,%d,%d,%d,", js_move[0], js_move[1], js_move[2], js_move[3]); data/pgn2web-0.4/pgn2web.c:285:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). board_filename = (char*)calloc(strlen(html_filename) + strlen(".board") + 1, sizeof(char)); data/pgn2web-0.4/pgn2web.c:285:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). board_filename = (char*)calloc(strlen(html_filename) + strlen(".board") + 1, sizeof(char)); data/pgn2web-0.4/pgn2web.c:315:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
fprintf(board, "%s", tag + strlen("<credit/>")); data/pgn2web-0.4/pgn2web.c:322:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(board, "%s", tag + strlen("<pieces/>")); data/pgn2web-0.4/pgn2web.c:346:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). board_url = (char*)calloc(strlen(html_filename) + strlen(".board") + 1, sizeof(char)); data/pgn2web-0.4/pgn2web.c:346:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). board_url = (char*)calloc(strlen(html_filename) + strlen(".board") + 1, sizeof(char)); data/pgn2web-0.4/pgn2web.c:347:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). game_url = (char*)calloc(strlen(html_filename) + 2, sizeof(char)); data/pgn2web-0.4/pgn2web.c:401:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*moves + strlen(*moves), "parents[%d] = new Array(", variation->id); data/pgn2web-0.4/pgn2web.c:403:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*moves + strlen(*moves), "%d,%d);\n", variation->parent->id, variation->parent_move); data/pgn2web-0.4/pgn2web.c:406:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(*moves + strlen(*moves), "-1,%d);\n", variation->parent_move); data/pgn2web-0.4/pgn2web.c:415:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *moves_size += strlen(variation->buffer); data/pgn2web-0.4/pgn2web.c:448:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = strlen(algebraic) - 1; i >= 0; i--) { data/pgn2web-0.4/pgn2web.c:494:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). url = (char*)calloc(strlen(html_filename) + 32, sizeof(char)); data/pgn2web-0.4/pgn2web.c:498:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(*game_list, ""); data/pgn2web-0.4/pgn2web.c:499:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(white, ""); data/pgn2web-0.4/pgn2web.c:500:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(black, ""); data/pgn2web-0.4/pgn2web.c:501:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(date, ""); data/pgn2web-0.4/pgn2web.c:522:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(date, ""); data/pgn2web-0.4/pgn2web.c:532:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*game_list, " "); data/pgn2web-0.4/pgn2web.c:534:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*game_list, "\n"); data/pgn2web-0.4/pgn2web.c:536:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(white, ""); data/pgn2web-0.4/pgn2web.c:537:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(black, ""); data/pgn2web-0.4/pgn2web.c:538:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(date, ""); data/pgn2web-0.4/pgn2web.c:543:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(*game_list) + 1024 + strlen(html_filename) > buffer_size) { data/pgn2web-0.4/pgn2web.c:543:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(*game_list) + 1024 + strlen(html_filename) > buffer_size) { data/pgn2web-0.4/pgn2web.c:565:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extension = (char*)calloc(strlen(insert_point) + 1, sizeof(char)); data/pgn2web-0.4/pgn2web.c:586:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(root_path[strlen(root_path) - 1] != SEPERATOR) { data/pgn2web-0.4/pgn2web.c:646:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). game_filename = (char*)calloc(strlen(html_filename) + 32, sizeof(char)); data/pgn2web-0.4/pgn2web.c:744:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(html, "%s", tag + strlen("<credit/>")); data/pgn2web-0.4/pgn2web.c:750:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(html, "%s", tag + strlen("<pieces/>")); data/pgn2web-0.4/pgn2web.c:808:8: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). 
Check that the limit is sufficiently small, or use a different input function. if(fscanf(pgn, "%255s", token) != 1) { data/pgn2web-0.4/pgn2web.c:815:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(*notation) + strlen(token) + 256 > notation_size) { data/pgn2web-0.4/pgn2web.c:815:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(*notation) + strlen(token) + 256 > notation_size) { data/pgn2web-0.4/pgn2web.c:820:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(current->buffer) + 256 > current->buffer_size) { data/pgn2web-0.4/pgn2web.c:837:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, " "); data/pgn2web-0.4/pgn2web.c:848:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, " "); data/pgn2web-0.4/pgn2web.c:850:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(token, ""); data/pgn2web-0.4/pgn2web.c:860:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, "\n"); data/pgn2web-0.4/pgn2web.c:880:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, " "); data/pgn2web-0.4/pgn2web.c:902:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, "\n"); data/pgn2web-0.4/pgn2web.c:904:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, "("); data/pgn2web-0.4/pgn2web.c:945:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*notation, ")"); data/pgn2web-0.4/pgn2web.c:976:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(token, ""); data/pgn2web-0.4/pgn2web.c:995:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(*notation, "\n"); data/pgn2web-0.4/pgn2web.c:1003:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*notation + strlen(*notation), "%d.", (current->actual_move + 1) / 2); data/pgn2web-0.4/pgn2web.c:1007:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*notation + strlen(*notation), "%d... ", (current->actual_move + 1) / 2); data/pgn2web-0.4/pgn2web.c:1012:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*notation + strlen(*notation), "<a class=\"move\" href=\"javascript:parent.board.jumpto(%d, %d);\" id=\"v%dm%d\">%s</a>", current->id, current->relative_move, current->id, current->relative_move, move_string); data/pgn2web-0.4/pgn2web.c:1015:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(*notation + strlen(*notation), "<a class=\"move\" href=\"javascript:jumpto(%d, %d);\" id=\"v%dm%d\">%s</a>", current->id, current->relative_move, current->id, current->relative_move, move_string); data/pgn2web-0.4/pgn2web.c:1044:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((test = getc(pgn)) == ' ' || test == '\n' || test == '\r') { data/pgn2web-0.4/pgn2web.c:1053:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while((test = getc(pgn)) != ' ' && test != '\n' && test != '\r') { data/pgn2web-0.4/pgn2web.c:1060:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(getc(pgn) != '}') { data/pgn2web-0.4/pgn2web.c:1068:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). test = getc(pgn); data/pgn2web-0.4/pgn2web.c:1071:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(getc(pgn) != '}') { data/pgn2web-0.4/pgn2web.c:1095:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(filename, "."); data/pgn2web-0.4/pgn2web.c:1112:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). copy = (char*)calloc(strlen(path_end + 1) + 1, sizeof(char)); ANALYSIS SUMMARY: Hits = 192 Lines analyzed = 3197 in approximately 0.12 seconds (25934 lines/second) Physical Source Lines of Code (SLOC) = 2357 Hits@level = [0] 65 [1] 80 [2] 54 [3] 0 [4] 58 [5] 0 Hits@level+ = [0+] 257 [1+] 192 [2+] 112 [3+] 58 [4+] 58 [5+] 0 Hits/KSLOC@level+ = [0+] 109.037 [1+] 81.4595 [2+] 47.518 [3+] 24.6076 [4+] 24.6076 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.