Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qsopt-ex-2.5.10.3/esolver/esolver.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex_version.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex_version.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basicdefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basis.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basis.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/binary.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/binary.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dheaps_i.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dheaps_i.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dstruct.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dstruct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/editor.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_elist.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exact.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exutil.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exutil.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.dbl.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpq.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_macros.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_macros.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_mem.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_memslab.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_memslab.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_nummacros.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_numutil.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_numutil.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/exact.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/except.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/except.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/factor.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/fct.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/fct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/format.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/format.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging-private.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/mps.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/names.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/names.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/price.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/price.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/priority.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/priority.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qs_config.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qstruct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/ratio.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/ratio.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reader.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reader.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/readline.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/readline.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reporter.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reporter.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/stddefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/trace.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/util.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/util.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.h
Examining data/qsopt-ex-2.5.10.3/tests/eg_lpnum_ex.c
Examining data/qsopt-ex-2.5.10.3/tests/eg_sloan.c
Examining data/qsopt-ex-2.5.10.3/tests/eg_sloan.h
Examining data/qsopt-ex-2.5.10.3/tests/ftest.c
Examining data/qsopt-ex-2.5.10.3/tests/ftest.h
Examining data/qsopt-ex-2.5.10.3/tests/solver.c
Examining data/qsopt-ex-2.5.10.3/tests/solver.h
Examining data/qsopt-ex-2.5.10.3/tests/test_qs.c
FINAL RESULTS:
data/qsopt-ex-2.5.10.3/esolver/esolver.c:355:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (out_f_name, "%s", solname);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:464:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf,EGio_BUFSIZE,format,va);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:107:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(__out+__lo+2,"%s",__lpstr__+__lo);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h:84:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Your system does not have (or the configure script could not find)\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h:86:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
timing functions. Without them this library will not compile in this system
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:63:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (error->desc, desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:70:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (error->theLine, theLine);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2873:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((*names)[i], qslp->rownames[rowlist[i]]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3078:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((*names)[i], qslp->colnames[collist[i]]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3374:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rownames[i], qslp->rownames[i]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3470:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (colnames[i], qslp->colnames[i]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4234:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c:46:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int n = vsnprintf(NULL, 0, format, args2);
data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c:60:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buffer, n+1, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:636:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, old_name);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:972:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (objname, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c:715:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
rval = vsprintf (buffer, format, argptr);
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:794:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bndtype, state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:81:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((*names)[i], buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:976:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (info->colnames[ncols], colnames[j]);
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:1004:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (info->colnames[ncols], buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:597:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->name, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:609:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->qslp->probname, p->name);
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1713:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:121:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (state->line, state->realline);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:194:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (state->p, "%s", state->field) != EOF)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:644:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:116:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (state->p, "%s", state->key) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:123:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (state->p, "%s", state->field) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:144:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (state->p, "%s", state->field) < 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:188:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (state->p, "%s", state->field) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:471:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:879:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "starting EGLPNUM_TYPENAME_ILLsimplex on %s...", lp->O->probname);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:625:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (h->namelist + h->strsize, s);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:670:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (new_var, prefix);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:703:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (prefix, "%s", try_prefix[0]);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:710:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (new, "%s_%d", new_pre, i);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:717:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, new);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:827:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
nwords = sscanf (line, "%s%s%s", cmd, symbol, str);
data/qsopt-ex-2.5.10.3/qsopt_ex/util.c:279:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cpy, str);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:74:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (line->p, "%s", str);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:155:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (line->p, "%s%n", numstr, &len);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:66:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "a:b:c:e:s:d:o:t:")) != EOF)
data/qsopt-ex-2.5.10.3/esolver/esolver.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[4096],*argv[128];
data/qsopt-ex-2.5.10.3/esolver/esolver.c:203:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
precision = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:207:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:218:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:353:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_f_name[1024];
data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char space[ILL_BIGCHUNK];
data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bwarn[2];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *commands[NCOMMAND + 1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:83:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hasSubCmd[NCOMMAND + 1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sense[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:610:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __EGiobuff[256] =
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __EGiobuff[256] =
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:315:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*param = atoi(argv[1]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:343:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*param = atoi(argv[1]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:415:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*param = atoi(argv[0]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[EGio_BUFSIZE];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[EGio_BUFSIZE];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lmode[8];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:510:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file->file = fopen(path,lmode);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.h:67:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE*__EGsFILE = fopen(__EGsfile,__EGsmode);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:205:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rptr,ptr,msz);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rptr,ptr,msz);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:325:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mc[5][3] = {"b ","Kb","Mb","Gb","Tb"};
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.dbl.h:336:46: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define dbl_EGlpNumCopyArray(dest,orig,size) memcpy(dest,orig,sizeof(double)*(size))
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __lpstr__[4096];\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __lpstr__[4096];\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:105:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if(__lo) sprintf(__out,"-0.");\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:106:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(__out,"0.");\
data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c:777:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[1024];
data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c:934:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char __sp[81] =
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2781:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnambuf[40];
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2796:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (fnambuf, "prob.mat.%d.gz", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2798:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (fnambuf, "prob.mat.%d.bz2", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2800:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (fnambuf, "prob.mat.%d", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char has_error[QS_INPUT_NERROR];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:1169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4209:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name,
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize])
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h:127:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name,
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:609:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p1[2], p2[3];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:639:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:647:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:722:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *bnds[3], *integer[3], *end[2];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:936:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char objname[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:967:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (objname, "obj");
data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:72:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *EGLPNUM_TYPENAME_ILLmps_section_name[ILL_MPS_N_SECTIONS + 2] = {
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:780:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bndtype[3];
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:1110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:1125:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "obj");
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.h:36:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *EGLPNUM_TYPENAME_ILLmps_section_name[ILL_MPS_N_SECTIONS + 2];
data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:77:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%c%d", prefix, i);
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:994:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "s%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:603:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p->name, "noname");
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:774:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "obj");
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1016:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsense[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1017:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *vnames[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1084:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsense[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1085:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *vnames[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsenselist[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:851:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname2[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_desc[256];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:635:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_desc[256];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char realline[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[ILL_namebufsize + 1];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:455:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_desc[256];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/reader.c:115:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen (fname, "r");
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:873:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char print_str[20];
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1364:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (print_str, "primal infeas");
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1376:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (print_str, "primal objval");
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1381:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (print_str, "dual infeas");
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1385:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (print_str, "dual objval");
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:3005:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *head[NBINS];
data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **tail[NBINS];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:218:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
k = look_it_up (h, (const char *) names[i]);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:684:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *try_prefix[3];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_pre[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:724:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *pref,
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:725:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname2[ILL_namebufsize])
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:729:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (uname2, "%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:808:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *prefix[3];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:810:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100], symbol[100], line[256], str[100];
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:866:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi (symbol);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:873:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi (symbol);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:103:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s,
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **names),
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:113:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name,
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:117:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s),
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:120:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s),
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[ILL_namebufsize],
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:130:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *pref,
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[ILL_namebufsize]);
data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:156:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m = atoi (av[1]); /* Number to discard initially */
data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:157:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
n = atoi (av[2]); /* Number to print */
data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:158:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
seed = atoi (av[3]); /* Seed */
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:94:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (line->p, " - ");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:102:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (line->p, " + ");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:218:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (line->p, "%.0f%n", x, &k);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:231:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (line->p, "/1%n", &k);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[40];
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strtmp[1024];
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:71:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s1 = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:74:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s2 = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:77:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k1 = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:80:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k2 = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:83:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
use_scaling = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:86:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
use_double = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:92:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = atoi (optarg);
data/qsopt-ex-2.5.10.3/tests/ftest.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4096];
data/qsopt-ex-2.5.10.3/tests/ftest.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[MAXITER];
data/qsopt-ex-2.5.10.3/tests/ftest.c:120:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dim = atoi(l_argv[0]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:121:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ncol = atoi(l_argv[1]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:122:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nzcnt = atoi(l_argv[2]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:140:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
basis[i] = atoi(l_argv[i]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:157:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cind[nz] = atoi(l_argv[2*i+1]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:185:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
col[niter] = atoi(l_argv[l_par++]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:203:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nzcnt = atoi(l_argv[l_par++]);
data/qsopt-ex-2.5.10.3/tests/ftest.c:207:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x.indx[i] = atoi(l_argv[l_par++]);
data/qsopt-ex-2.5.10.3/tests/solver.c:275:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
precision = atoi (boptarg);
data/qsopt-ex-2.5.10.3/tests/solver.c:279:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/tests/solver.c:297:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/tests/test_qs.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sense[2] = { 'L', 'E' };
data/qsopt-ex-2.5.10.3/tests/test_qs.c:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *colnames[3] = { "x", "y", "z" };
data/qsopt-ex-2.5.10.3/tests/test_qs.c:54:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rownames[2] = { "c1", "c2"};
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:63:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t clen = strlen(comment);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:64:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t dlen = strlen(delim);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:142:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t clen = strlen(comment);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:143:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t dlen = strlen(delim);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:279:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:307:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:335:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:363:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:388:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:432:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:487:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(path);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:91:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__i = strlen(__lpstr__);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:103:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__pos = strlen(__lpstr__) + ((size_t)(__lo + 2));\
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:60:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:67:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (theLine);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2870:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (qslp->rownames[rowlist[i]]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3075:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (qslp->colnames[collist[i]]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3371:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (qslp->rownames[i]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3467:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (qslp->colnames[i]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:635:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen (old_name);
data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:78:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:967:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (colnames[j]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:995:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:594:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:606:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p->name) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1714:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:147:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (state->realline, "\n");
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:196:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:274:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (state->field, state->p, (size_t) var_len);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:400:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp (state->p, str, strlen (str)) == 0)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:402:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (str);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:645:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:777:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (field, line, (size_t) i);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:118:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (state->key);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:125:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:154:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:190:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state->p += strlen (state->field) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:472:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:514:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->freedchars += strlen (h->namelist + h->nametable[del_ind].symbol) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:619:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen (s) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:662:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t plen = strlen (prefix);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:663:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nlen = strlen (name);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:672:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (p, name, nlen + 1);
data/qsopt-ex-2.5.10.3/qsopt_ex/util.c:276:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:75:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (line->p);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:107:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (line->p, " ");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:198:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (line->p, "-");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:224:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (line->p, "0");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:236:4: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (line->p, "0");
data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c:196:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy (t->name, "ANONYMOUS", sizeof (t->name) - 1);
data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c:200:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (t->name, name, sizeof (t->name) - 1);
ANALYSIS SUMMARY:
Hits = 234
Lines analyzed = 57513 in approximately 1.33 seconds (43250 lines/second)
Physical Source Lines of Code (SLOC) = 43350
Hits@level = [0] 227 [1] 51 [2] 140 [3] 1 [4] 42 [5] 0
Hits@level+ = [0+] 461 [1+] 234 [2+] 183 [3+] 43 [4+] 42 [5+] 0
Hits/KSLOC@level+ = [0+] 10.6344 [1+] 5.39792 [2+] 4.22145 [3+] 0.991926 [4+] 0.968858 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.