Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/readosm-1.1.0a+dfsg/src/protobuf.c
Examining data/readosm-1.1.0a+dfsg/src/readosm.c
Examining data/readosm-1.1.0a+dfsg/src/osmxml.c
Examining data/readosm-1.1.0a+dfsg/src/osm_objects.c
Examining data/readosm-1.1.0a+dfsg/config-msvc.h
Examining data/readosm-1.1.0a+dfsg/headers/readosm_internals.h
Examining data/readosm-1.1.0a+dfsg/headers/readosm.h
Examining data/readosm-1.1.0a+dfsg/headers/readosm_protobuf.h
Examining data/readosm-1.1.0a+dfsg/examples/test_osm3.c
Examining data/readosm-1.1.0a+dfsg/examples/test_osm2.c
Examining data/readosm-1.1.0a+dfsg/examples/test_osm1.c
FINAL RESULTS:
data/readosm-1.1.0a+dfsg/src/osm_objects.c:180:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->key, key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:183:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->value, value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:323:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->key, key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:326:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->value, value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:478:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (member->role, role);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:509:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->key, key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:512:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tag->value, value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:630:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_node.user, node->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:637:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_node.timestamp, node->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:670:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->key, tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:676:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->value, tag->value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:723:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_way.user, way->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:730:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_way.timestamp, way->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:787:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->key, tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:793:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->value, tag->value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:842:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_relation.user, relation->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:849:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (exp_relation.timestamp, relation->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:884:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_member->role, member->role);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:921:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->key, tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:927:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_tag->value, tag->value);
data/readosm-1.1.0a+dfsg/src/osmxml.c:259:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->node.user, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:267:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->node.timestamp, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:307:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->way.user, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:315:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->way.timestamp, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:354:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->relation.user, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:362:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (params->relation.timestamp, attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1541:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (nd->timestamp, buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1559:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (nd->user, s_ptr->string);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1707:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (way->timestamp, buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1733:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (way->user, string->string);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1932:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (relation->timestamp, buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1958:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (relation->user, string->string);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:77:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", node->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:79:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", node->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:99:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", node->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:101:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", node->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:167:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", way->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:169:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", way->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:184:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", way->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:186:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", way->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:218:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", *(way->node_refs + i));
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:220:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", *(way->node_refs + i));
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:265:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", relation->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:267:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", relation->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:282:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", relation->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:284:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", relation->changeset);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:317:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", member->id);
data/readosm-1.1.0a+dfsg/examples/test_osm1.c:319:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", member->id);
data/readosm-1.1.0a+dfsg/examples/test_osm3.c:138:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
helper.stop_limit = atoi (argv[2]);
data/readosm-1.1.0a+dfsg/headers/readosm_internals.h:220:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4]; /* raw byte buffer */
data/readosm-1.1.0a+dfsg/headers/readosm_internals.h:229:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8]; /* raw byte buffer */
data/readosm-1.1.0a+dfsg/src/osmxml.c:252:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->node.version = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:262:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->node.uid = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:300:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->way.version = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:310:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->way.uid = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:347:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->relation.version = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:357:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->relation.uid = atoi (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xml_buff[BUFFSIZE];
data/readosm-1.1.0a+dfsg/src/osmxml.c:532:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char version[64];
data/readosm-1.1.0a+dfsg/src/osmxml.c:534:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (version, "%d.%d.%d", expat.major, expat.minor, expat.micro);
data/readosm-1.1.0a+dfsg/src/protobuf.c:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (string->string, variant->pointer, variant->length);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1529:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/readosm-1.1.0a+dfsg/src/protobuf.c:1531:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf,
data/readosm-1.1.0a+dfsg/src/protobuf.c:1697:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/readosm-1.1.0a+dfsg/src/protobuf.c:1699:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%04d-%02d-%02dT%02d:%02d:%02dZ",
data/readosm-1.1.0a+dfsg/src/protobuf.c:1922:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/readosm-1.1.0a+dfsg/src/protobuf.c:1924:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%04d-%02d-%02dT%02d:%02d:%02dZ",
data/readosm-1.1.0a+dfsg/src/protobuf.c:2318:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (raw_ptr, variant.pointer, raw_sz);
data/readosm-1.1.0a+dfsg/src/protobuf.c:2419:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/readosm-1.1.0a+dfsg/src/readosm.c:132:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input->in = fopen (path, "rb");
data/readosm-1.1.0a+dfsg/src/osm_objects.c:178:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:181:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:321:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:324:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:476:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (role);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:507:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:510:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:628:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:635:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:668:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:674:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:721:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (way->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:728:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (way->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:785:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:791:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->value);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:840:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (relation->user);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:847:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (relation->timestamp);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:882:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (member->role);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:919:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->key);
data/readosm-1.1.0a+dfsg/src/osm_objects.c:925:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tag->value);
data/readosm-1.1.0a+dfsg/src/osmxml.c:257:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:265:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:305:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:313:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:352:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/osmxml.c:360:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr[i + 1]);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1539:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1553:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (s_ptr->string);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1705:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1731:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (string->string);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1930:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf);
data/readosm-1.1.0a+dfsg/src/protobuf.c:1956:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (string->string);
data/readosm-1.1.0a+dfsg/src/readosm.c:118:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
ANALYSIS SUMMARY:
Hits = 106
Lines analyzed = 5934 in approximately 0.20 seconds (29136 lines/second)
Physical Source Lines of Code (SLOC) = 4226
Hits@level = [0] 71 [1] 33 [2] 41 [3] 0 [4] 32 [5] 0
Hits@level+ = [0+] 177 [1+] 106 [2+] 73 [3+] 32 [4+] 32 [5+] 0
Hits/KSLOC@level+ = [0+] 41.8836 [1+] 25.0828 [2+] 17.274 [3+] 7.57217 [4+] 7.57217 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.