Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qgo-2.1~git-20180413/src/audio/audio.cpp
Examining data/qgo-2.1~git-20180413/src/audio/audio.h
Examining data/qgo-2.1~git-20180413/src/board/board.cpp
Examining data/qgo-2.1~git-20180413/src/board/board.h
Examining data/qgo-2.1~git-20180413/src/board/boardwindow.cpp
Examining data/qgo-2.1~git-20180413/src/board/boardwindow.h
Examining data/qgo-2.1~git-20180413/src/board/clockdisplay.cpp
Examining data/qgo-2.1~git-20180413/src/board/clockdisplay.h
Examining data/qgo-2.1~git-20180413/src/board/gameinfo.cpp
Examining data/qgo-2.1~git-20180413/src/board/gameinfo.h
Examining data/qgo-2.1~git-20180413/src/board/gatter.cpp
Examining data/qgo-2.1~git-20180413/src/board/gatter.h
Examining data/qgo-2.1~git-20180413/src/board/graphicsitemstypes.h
Examining data/qgo-2.1~git-20180413/src/board/imagehandler.cpp
Examining data/qgo-2.1~git-20180413/src/board/imagehandler.h
Examining data/qgo-2.1~git-20180413/src/board/mark.cpp
Examining data/qgo-2.1~git-20180413/src/board/mark.h
Examining data/qgo-2.1~git-20180413/src/board/stone.cpp
Examining data/qgo-2.1~git-20180413/src/board/stone.h
Examining data/qgo-2.1~git-20180413/src/connectionwidget.cpp
Examining data/qgo-2.1~git-20180413/src/connectionwidget.h
Examining data/qgo-2.1~git-20180413/src/defines.h
Examining data/qgo-2.1~git-20180413/src/displayboard.cpp
Examining data/qgo-2.1~git-20180413/src/displayboard.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/countdialog.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/countdialog.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard_match.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard_net.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard_network.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard_observe.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboard_review.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboardlocalinterface.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/qgoboardlocalinterface.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/resultdialog.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/resultdialog.h
Examining data/qgo-2.1~git-20180413/src/game_interfaces/undoprompt.cpp
Examining data/qgo-2.1~git-20180413/src/game_interfaces/undoprompt.h
Examining data/qgo-2.1~git-20180413/src/game_tree/group.cpp
Examining data/qgo-2.1~git-20180413/src/game_tree/group.h
Examining data/qgo-2.1~git-20180413/src/game_tree/matrix.cpp
Examining data/qgo-2.1~git-20180413/src/game_tree/matrix.h
Examining data/qgo-2.1~git-20180413/src/game_tree/move.cpp
Examining data/qgo-2.1~git-20180413/src/game_tree/move.h
Examining data/qgo-2.1~git-20180413/src/game_tree/tree.cpp
Examining data/qgo-2.1~git-20180413/src/game_tree/tree.h
Examining data/qgo-2.1~git-20180413/src/gamedata.h
Examining data/qgo-2.1~git-20180413/src/gtp/qgtp.cpp
Examining data/qgo-2.1~git-20180413/src/gtp/qgtp.h
Examining data/qgo-2.1~git-20180413/src/host.cpp
Examining data/qgo-2.1~git-20180413/src/host.h
Examining data/qgo-2.1~git-20180413/src/listviews.cpp
Examining data/qgo-2.1~git-20180413/src/listviews.h
Examining data/qgo-2.1~git-20180413/src/main.cpp
Examining data/qgo-2.1~git-20180413/src/mainwindow.cpp
Examining data/qgo-2.1~git-20180413/src/mainwindow.h
Examining data/qgo-2.1~git-20180413/src/network/boarddispatch.cpp
Examining data/qgo-2.1~git-20180413/src/network/boarddispatch.h
Examining data/qgo-2.1~git-20180413/src/network/codecwarndialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/codecwarndialog.h
Examining data/qgo-2.1~git-20180413/src/network/consoledispatch.cpp
Examining data/qgo-2.1~git-20180413/src/network/consoledispatch.h
Examining data/qgo-2.1~git-20180413/src/network/createroomdialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/createroomdialog.h
Examining data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/cyberoroconnection.h
Examining data/qgo-2.1~git-20180413/src/network/cyberoroprotocol.h
Examining data/qgo-2.1~git-20180413/src/network/eweiqiconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/eweiqiconnection.h
Examining data/qgo-2.1~git-20180413/src/network/friendslistdialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/friendslistdialog.h
Examining data/qgo-2.1~git-20180413/src/network/gamedialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/gamedialog.h
Examining data/qgo-2.1~git-20180413/src/network/gamedialogflags.h
Examining data/qgo-2.1~git-20180413/src/network/igsconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/igsconnection.h
Examining data/qgo-2.1~git-20180413/src/network/lgs.cpp
Examining data/qgo-2.1~git-20180413/src/network/lgs.h
Examining data/qgo-2.1~git-20180413/src/network/login.cpp
Examining data/qgo-2.1~git-20180413/src/network/login.h
Examining data/qgo-2.1~git-20180413/src/network/matchinvitedialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/matchinvitedialog.h
Examining data/qgo-2.1~git-20180413/src/network/matchnegotiationstate.cpp
Examining data/qgo-2.1~git-20180413/src/network/matchnegotiationstate.h
Examining data/qgo-2.1~git-20180413/src/network/messages.h
Examining data/qgo-2.1~git-20180413/src/network/networkconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/networkconnection.h
Examining data/qgo-2.1~git-20180413/src/network/orosetphrasechat.cpp
Examining data/qgo-2.1~git-20180413/src/network/orosetphrasechat.h
Examining data/qgo-2.1~git-20180413/src/network/parser.cpp
Examining data/qgo-2.1~git-20180413/src/network/parser.h
Examining data/qgo-2.1~git-20180413/src/network/playergamelistings.h
Examining data/qgo-2.1~git-20180413/src/network/protocol.h
Examining data/qgo-2.1~git-20180413/src/network/quickconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/quickconnection.h
Examining data/qgo-2.1~git-20180413/src/network/room.cpp
Examining data/qgo-2.1~git-20180413/src/network/room.h
Examining data/qgo-2.1~git-20180413/src/network/serverlistdialog.cpp
Examining data/qgo-2.1~git-20180413/src/network/serverlistdialog.h
Examining data/qgo-2.1~git-20180413/src/network/setphrasepalette.cpp
Examining data/qgo-2.1~git-20180413/src/network/setphrasepalette.h
Examining data/qgo-2.1~git-20180413/src/network/talk.cpp
Examining data/qgo-2.1~git-20180413/src/network/talk.h
Examining data/qgo-2.1~git-20180413/src/network/tomconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/tomconnection.h
Examining data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp
Examining data/qgo-2.1~git-20180413/src/network/tygemconnection.h
Examining data/qgo-2.1~git-20180413/src/network/tygemprotocol.h
Examining data/qgo-2.1~git-20180413/src/network/wing.cpp
Examining data/qgo-2.1~git-20180413/src/network/wing.h
Examining data/qgo-2.1~git-20180413/src/newgamedialog.cpp
Examining data/qgo-2.1~git-20180413/src/newgamedialog.h
Examining data/qgo-2.1~git-20180413/src/preferences.cpp
Examining data/qgo-2.1~git-20180413/src/preferences.h
Examining data/qgo-2.1~git-20180413/src/sgf/sgfparser.cpp
Examining data/qgo-2.1~git-20180413/src/sgf/sgfparser.h
Examining data/qgo-2.1~git-20180413/src/sgfpreview.cpp
Examining data/qgo-2.1~git-20180413/src/sgfpreview.h
FINAL RESULTS:
data/qgo-2.1~git-20180413/src/board/imagehandler.cpp:41:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double drand48() { return rand()*1.0/RAND_MAX; }
data/qgo-2.1~git-20180413/src/board/imagehandler.cpp:180:10: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
theta = drand48() * 2.0 * M_PI;
data/qgo-2.1~git-20180413/src/board/imagehandler.cpp:184:4: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
(drand48() * (maxStripeW - minStripeW));
data/qgo-2.1~git-20180413/src/board/imagehandler.cpp:190:15: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
desc->zMul = drand48() * 650.0 + 70.0;
data/qgo-2.1~git-20180413/src/board/imagehandler.cpp:266:20: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
g1=(int)(5+10*drand48() + 10*xr1 + xg1*140);
data/qgo-2.1~git-20180413/src/main.cpp:90:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/qgo-2.1~git-20180413/src/board/boardwindow.cpp:608:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly))
data/qgo-2.1~git-20180413/src/connectionwidget.cpp:220:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ui->openCheckBox->setChecked(open);
data/qgo-2.1~git-20180413/src/connectionwidget.cpp:225:40: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
connection->sendToggle("open", open);
data/qgo-2.1~git-20180413/src/listviews.cpp:483:65: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QSortFilterProxyModel(parent), rankMin(0), rankMax(100000), open(false), friends(false), fans(false), noblock(false)
data/qgo-2.1~git-20180413/src/listviews.cpp:506:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(open)
data/qgo-2.1~git-20180413/src/listviews.cpp:527:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open != state)
data/qgo-2.1~git-20180413/src/listviews.h:60:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open, friends, fans, noblock;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:257:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[4];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:524:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char packet[8] = { 0x0a, 0xfa, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00 };
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:2390:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char term_code[2] = { 0x57, 0x04 }; //= { 0x5b, 0x02 };
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:2598:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[120];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3237:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3403:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3797:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3985:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3987:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name2[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4966:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5535:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[11];
data/qgo-2.1~git-20180413/src/network/igsconnection.cpp:754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/qgo-2.1~git-20180413/src/network/igsconnection.cpp:764:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/qgo-2.1~git-20180413/src/network/lgs.cpp:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/qgo-2.1~git-20180413/src/network/protocol.h:75:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char playerRecords(void) { return (unsigned char )((char *)data)[2]; };
data/qgo-2.1~git-20180413/src/network/protocol.h:75:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char playerRecords(void) { return (unsigned char )((char *)data)[2]; };
data/qgo-2.1~git-20180413/src/network/serverlistdialog.h:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddress[16];
data/qgo-2.1~git-20180413/src/network/tomconnection.cpp:120:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipaddr[16];
data/qgo-2.1~git-20180413/src/network/tomconnection.cpp:121:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[20];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:615:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[4];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:822:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipaddr[16];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:823:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[20];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char move_str[32];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2755:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "SUR %d %d %d \n", 0, move_message_number, player_number);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2761:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "REM %d %d -1 -1 %d %d \n", 0, move_message_number, 0, 1 );
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2769:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "REM %d %d %d %d %d %d \n", 0, move_message_number, move->x - 1, move->y - 1, player_number, 0 );
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2780:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "DSC %d %d %d \n", 1, 0, player_number);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2786:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "SKI %d %d \n", 0, move_message_number); //is that space newline okay? FIXME
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2805:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "WIT %d %d %d\n", 0, move_message_number, undo_player_number);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2809:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(move_str, "STO %d %d %d %d %d \n", 0, move_message_number, player_number, move->x - 1, move->y - 1);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2934:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4368:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[14];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4660:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4821:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5124:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5180:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5258:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5290:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5344:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5438:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5527:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[20]; //country can be larger than 11
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5791:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6160:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6505:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6557:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6683:106: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
enum TygemConnection::TimeFlags TygemConnection::handleTimeChunk(BoardDispatch * boarddispatch, unsigned char chunk[8], bool black_first)
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7269:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7460:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7841:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8013:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8161:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[15];
data/qgo-2.1~git-20180413/src/network/tygemconnection.h:143:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
enum TimeFlags handleTimeChunk(BoardDispatch * boarddispatch, unsigned char chunk[8], bool black_first);
data/qgo-2.1~git-20180413/src/network/wing.cpp:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/qgo-2.1~git-20180413/src/sgf/sgfparser.cpp:230:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/qgo-2.1~git-20180413/src/sgf/sgfparser.cpp:1480:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly))
data/qgo-2.1~git-20180413/src/network/boarddispatch.cpp:62:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(connection->getCodecString()) != 0)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:302:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qsocket->read((char*)c, packet_size);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:363:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(si->ipaddress, (const char *)p, 16);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:541:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int length = strlen(text) + 12;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:585:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int length = strlen(text) + 8;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:691:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < (int)strlen(password); i++)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:693:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 9; i >= (int)strlen(password); i--)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:820:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((room->title && strlen((const char *)room->title) > 20) ||
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:821:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(room->password && strlen((const char *)room->password) > 8))
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:910:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < (int)strlen((const char *)room->title); i++)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:912:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 19; i >= (int)strlen((const char *)room->title); i--)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:925:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < (int)strlen((const char *)room->password); i++)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:927:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 7; i >= (int)strlen((const char *)room->password); i--)
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3268:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 10); name[10] = 0x00;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3286:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aPlayer->name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3415:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3424:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aPlayer->name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3820:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(game_record[4]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3823:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aGameListing->_black_name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3825:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(game_record[14]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3828:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aGameListing->_white_name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:3996:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4002:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name2, (char *)p, 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4020:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aPlayer->name = serverCodec->toUnicode((const char *)name2, strlen((const char *)name2));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4021:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aPlayer->notnickname = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4307:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, size - 4); text[size - 4] = 0x00;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4349:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, size - 4); text[size - 4] = 0x00;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:4395:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, size - 8); text[size - 8] = 0x00;
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5101:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[28]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5108:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aGameListing->_black_name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5111:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[38]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5117:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aGameListing->_white_name = serverCodec->toUnicode((const char *)name, strlen((const char *)name));
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5121:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[48]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5125:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[58]), 10);
data/qgo-2.1~git-20180413/src/network/cyberoroconnection.cpp:5545:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 10);
data/qgo-2.1~git-20180413/src/network/quickconnection.cpp:104:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qsocket->read(packet, bytes);
data/qgo-2.1~git-20180413/src/network/tomconnection.cpp:152:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(si->ipaddress, (const char *)ipaddr, 16);
data/qgo-2.1~git-20180413/src/network/tomconnection.cpp:153:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
si->name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:631:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qsocket->read((char *)c, http_connect_content_length);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:648:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qsocket->read((char *)c, bytes);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:761:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qsocket->read((char *)c, packet_size);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:855:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(si->ipaddress, (const char *)ipaddr, 16);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:856:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
si->name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1467:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int text_length = strlen(text);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1526:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int text_length = strlen(text);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1670:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packet[35] = ((strlen(msg) + 1) >> 8);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1671:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packet[36] = (strlen(msg) + 1) & 0x00ff;
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1676:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen(msg); i++)
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1678:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
packet[41 + strlen(msg)] = 0x00;
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:1679:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = 42 + strlen(msg);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2812:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int length = 16 + strlen(move_str);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2850:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)&(packet[16]), move_str, strlen(move_str));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2850:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy((char *)&(packet[16]), move_str, strlen(move_str));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2851:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = strlen(move_str) + 16; i < length; i++)
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2937:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, r, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2941:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QString encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2948:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, &(r[16]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:2950:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QString encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:3291:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int str_len = strlen(disconnect_info.toLatin1().constData());
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4399:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4400:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4449:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4450:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4462:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4463:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4681:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[i]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4682:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4923:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4924:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameA = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4934:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4938:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameA2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4949:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4950:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameB = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4959:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11); //chinese
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:4963:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameB2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5015:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(comment, (char *)p, name_length); //FIXME next line strlen
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5016:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aGameListing->comment = serverCodec->toUnicode(comment, strlen(comment));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5134:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[4]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5135:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5144:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[16]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5146:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5150:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)&(msg[37]), size - 0x24);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5164:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = serverCodec->toUnicode((const char *)text, strlen((char *)text));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5204:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5205:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5214:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5215:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5234:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, size_of_message);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5242:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = serverCodec->toUnicode((const char *)text, strlen((char *)text));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5267:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)msg, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5268:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5275:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[16]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5276:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5298:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)msg, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5299:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5306:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[16]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5307:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5362:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)msg, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5363:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5370:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[16]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5371:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5372:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nickname_len = strlen((char *)name);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5412:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, (char *)&(msg[64]), size_of_message);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5420:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = serverCodec->toUnicode((const char *)&(text[nickname_len + 2]), strlen((char *)&(text[nickname_len + 2])));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5424:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = serverCodec->toUnicode((const char *)text, strlen((char *)text));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5449:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5453:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5454:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5465:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5466:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5478:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, subject_size);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5490:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)text, (char *)p, msg_size + 1);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5502:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u = serverCodec->toUnicode((const char *)text, strlen((char *)text));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5557:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5558:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5636:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5642:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5653:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5654:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5695:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, country_size);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5792:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[4]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5794:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[20]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:5795:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(getUsername() != serverCodec->toUnicode((char *)name, strlen((char *)name)))
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6204:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[4]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6205:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6206:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[20]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6207:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6535:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6537:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6538:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6589:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6591:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:6592:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7273:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7274:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7280:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7281:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7561:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[4]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7562:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameA = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7573:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[20]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7574:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameB = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7690:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[60]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7691:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameA2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7719:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[72]), 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7720:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_nameB2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7846:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7847:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7853:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7854:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7914:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11); //our nickname
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7915:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7918:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:7919:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8026:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[4]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8027:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8029:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)&(msg[20]), 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8030:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encoded_name2 = serverCodec->toUnicode((char *)name, strlen((char *)name));
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8178:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 14);
data/qgo-2.1~git-20180413/src/network/tygemconnection.cpp:8183:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)name, (char *)p, 11);
data/qgo-2.1~git-20180413/src/sgf/sgfparser.cpp:91:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (index+strlen(c) >= strLength)
data/qgo-2.1~git-20180413/src/sgf/sgfparser.cpp:113:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cl = strlen(c),
ANALYSIS SUMMARY:
Hits = 229
Lines analyzed = 50726 in approximately 1.27 seconds (39823 lines/second)
Physical Source Lines of Code (SLOC) = 35513
Hits@level = [0] 723 [1] 161 [2] 62 [3] 6 [4] 0 [5] 0
Hits@level+ = [0+] 952 [1+] 229 [2+] 68 [3+] 6 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 26.8071 [1+] 6.44834 [2+] 1.91479 [3+] 0.168952 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.