Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ruby-ferret-0.11.8.7/ext/priorityqueue.c
Examining data/ruby-ferret-0.11.8.7/ext/r_store.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_english.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_german.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_api.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_porter.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_spanish.h
Examining data/ruby-ferret-0.11.8.7/ext/helper.c
Examining data/ruby-ferret-0.11.8.7/ext/field_index.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_hungarian.c
Examining data/ruby-ferret-0.11.8.7/ext/q_term.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_english.c
Examining data/ruby-ferret-0.11.8.7/ext/scanner_mb.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_french.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_german.c
Examining data/ruby-ferret-0.11.8.7/ext/store.h
Examining data/ruby-ferret-0.11.8.7/ext/config.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_norwegian.h
Examining data/ruby-ferret-0.11.8.7/ext/except.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_finnish.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_spanish.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_romanian.h
Examining data/ruby-ferret-0.11.8.7/ext/libstemmer.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_2_romanian.c
Examining data/ruby-ferret-0.11.8.7/ext/q_boolean.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_english.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_libstemmer.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_danish.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_norwegian.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_italian.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_turkish.h
Examining data/ruby-ferret-0.11.8.7/ext/q_filtered_query.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_utilities.c
Examining data/ruby-ferret-0.11.8.7/ext/r_analysis.c
Examining data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_spanish.c
Examining data/ruby-ferret-0.11.8.7/ext/q_const_score.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_finnish.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_swedish.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_porter.h
Examining data/ruby-ferret-0.11.8.7/ext/search.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_dutch.h
Examining data/ruby-ferret-0.11.8.7/ext/threading.h
Examining data/ruby-ferret-0.11.8.7/ext/scanner.h
Examining data/ruby-ferret-0.11.8.7/ext/internal.h
Examining data/ruby-ferret-0.11.8.7/ext/r_utils.c
Examining data/ruby-ferret-0.11.8.7/ext/scanner.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_french.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_finnish.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_swedish.c
Examining data/ruby-ferret-0.11.8.7/ext/symbol.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_swedish.c
Examining data/ruby-ferret-0.11.8.7/ext/array.c
Examining data/ruby-ferret-0.11.8.7/ext/r_search.c
Examining data/ruby-ferret-0.11.8.7/ext/array.h
Examining data/ruby-ferret-0.11.8.7/ext/q_range.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_italian.c
Examining data/ruby-ferret-0.11.8.7/ext/modules.h
Examining data/ruby-ferret-0.11.8.7/ext/fs_store.c
Examining data/ruby-ferret-0.11.8.7/ext/q_wildcard.c
Examining data/ruby-ferret-0.11.8.7/ext/q_prefix.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_dutch.c
Examining data/ruby-ferret-0.11.8.7/ext/ferret.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_danish.h
Examining data/ruby-ferret-0.11.8.7/ext/bitvector.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_portuguese.h
Examining data/ruby-ferret-0.11.8.7/ext/q_match_all.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_italian.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_italian.h
Examining data/ruby-ferret-0.11.8.7/ext/ram_store.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_german.c
Examining data/ruby-ferret-0.11.8.7/ext/multimapper.h
Examining data/ruby-ferret-0.11.8.7/ext/global.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_portuguese.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_french.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_portuguese.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_romanian.c
Examining data/ruby-ferret-0.11.8.7/ext/hashset.c
Examining data/ruby-ferret-0.11.8.7/ext/ferret.c
Examining data/ruby-ferret-0.11.8.7/ext/hashset.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_porter.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_german.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_dutch.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_KOI8_R_russian.c
Examining data/ruby-ferret-0.11.8.7/ext/analysis.h
Examining data/ruby-ferret-0.11.8.7/ext/similarity.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_turkish.c
Examining data/ruby-ferret-0.11.8.7/ext/win32.h
Examining data/ruby-ferret-0.11.8.7/ext/helper.h
Examining data/ruby-ferret-0.11.8.7/ext/q_multi_term.c
Examining data/ruby-ferret-0.11.8.7/ext/bitvector.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_2_romanian.h
Examining data/ruby-ferret-0.11.8.7/ext/lang.c
Examining data/ruby-ferret-0.11.8.7/ext/scanner_utf8.c
Examining data/ruby-ferret-0.11.8.7/ext/hash.c
Examining data/ruby-ferret-0.11.8.7/ext/mempool.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_KOI8_R_russian.h
Examining data/ruby-ferret-0.11.8.7/ext/multimapper.c
Examining data/ruby-ferret-0.11.8.7/ext/api.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_norwegian.h
Examining data/ruby-ferret-0.11.8.7/ext/store.c
Examining data/ruby-ferret-0.11.8.7/ext/document.c
Examining data/ruby-ferret-0.11.8.7/ext/term_vectors.c
Examining data/ruby-ferret-0.11.8.7/ext/q_phrase.c
Examining data/ruby-ferret-0.11.8.7/ext/except.c
Examining data/ruby-ferret-0.11.8.7/ext/q_parser.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_hungarian.h
Examining data/ruby-ferret-0.11.8.7/ext/analysis.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_swedish.h
Examining data/ruby-ferret-0.11.8.7/ext/symbol.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_english.h
Examining data/ruby-ferret-0.11.8.7/ext/stopwords.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_hungarian.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_russian.h
Examining data/ruby-ferret-0.11.8.7/ext/global.c
Examining data/ruby-ferret-0.11.8.7/ext/priorityqueue.h
Examining data/ruby-ferret-0.11.8.7/ext/sort.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_portuguese.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_ISO_8859_1_french.h
Examining data/ruby-ferret-0.11.8.7/ext/header.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_finnish.h
Examining data/ruby-ferret-0.11.8.7/ext/document.h
Examining data/ruby-ferret-0.11.8.7/ext/q_span.c
Examining data/ruby-ferret-0.11.8.7/ext/hash.h
Examining data/ruby-ferret-0.11.8.7/ext/r_qparser.c
Examining data/ruby-ferret-0.11.8.7/ext/field_index.c
Examining data/ruby-ferret-0.11.8.7/ext/filter.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_russian.c
Examining data/ruby-ferret-0.11.8.7/ext/similarity.h
Examining data/ruby-ferret-0.11.8.7/ext/index.h
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_norwegian.c
Examining data/ruby-ferret-0.11.8.7/ext/r_index.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_ISO_8859_1_danish.c
Examining data/ruby-ferret-0.11.8.7/ext/STEMMER_stem_UTF_8_spanish.c
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_porter.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_hungarian.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_dutch.h
Examining data/ruby-ferret-0.11.8.7/ext/lang.h
Examining data/ruby-ferret-0.11.8.7/ext/stem_UTF_8_danish.h
Examining data/ruby-ferret-0.11.8.7/ext/search.h
Examining data/ruby-ferret-0.11.8.7/ext/mempool.c
Examining data/ruby-ferret-0.11.8.7/ext/index.c
Examining data/ruby-ferret-0.11.8.7/ext/compound_io.c
Examining data/ruby-ferret-0.11.8.7/ext/posh.c
Examining data/ruby-ferret-0.11.8.7/ext/posh.h
FINAL RESULTS:
data/ruby-ferret-0.11.8.7/ext/analysis.c:1280:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tk->text, hf->text + pos);
data/ruby-ferret-0.11.8.7/ext/document.c:143:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s += sprintf(s, " =>%s\n", fields[i]);
data/ruby-ferret-0.11.8.7/ext/except.c:62:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(xmsg_buffer, XMSG_BUFFER_SIZE, fmt, args);
data/ruby-ferret-0.11.8.7/ext/except.h:149:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(frt_xmsg_buffer, FRT_XMSG_BUFFER_SIZE, __VA_ARGS__);\
data/ruby-ferret-0.11.8.7/ext/except.h:150:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(frt_xmsg_buffer_final, FRT_XMSG_BUFFER_SIZE,\
data/ruby-ferret-0.11.8.7/ext/except.h:157:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(frt_xmsg_buffer, FRT_XMSG_BUFFER_SIZE, ##args);\
data/ruby-ferret-0.11.8.7/ext/except.h:158:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(frt_xmsg_buffer_final, FRT_XMSG_BUFFER_SIZE,\
data/ruby-ferret-0.11.8.7/ext/ferret.c:254:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf + so_far, FRT_BUF_SIZ - so_far, fmt, args);
data/ruby-ferret-0.11.8.7/ext/ferret.c:308:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(term_str, "%s:%s", field, text);
data/ruby-ferret-0.11.8.7/ext/global.c:121:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(string, fmt, args);
data/ruby-ferret-0.11.8.7/ext/global.c:131:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, s);
data/ruby-ferret-0.11.8.7/ext/global.c:151:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, DBL2S, num);
data/ruby-ferret-0.11.8.7/ext/global.c:273:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, CMD_BUF_SIZE, command, progname(), pid);
data/ruby-ferret-0.11.8.7/ext/global.c:295:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( !(stream = popen(buf, "r")) ) {
data/ruby-ferret-0.11.8.7/ext/global.c:374:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/ruby-ferret-0.11.8.7/ext/global.c:464:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/ruby-ferret-0.11.8.7/ext/global.h:291:36: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define xlog if (frt_x_do_logging) printf
data/ruby-ferret-0.11.8.7/ext/index.c:120:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s_%s", base, u);
data/ruby-ferret-0.11.8.7/ext/index.c:123:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s_%s.%s", base, u, ext);
data/ruby-ferret-0.11.8.7/ext/index.c:133:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SEGMENTS_FILE_NAME"_%s", u);
data/ruby-ferret-0.11.8.7/ext/index.c:160:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s_%s.%s%d",
data/ruby-ferret-0.11.8.7/ext/index.c:313:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s += sprintf(str, "[\"%s\":(%s%s%s%s%s%s%s%s", (char *)fi->name,
data/ruby-ferret-0.11.8.7/ext/index.c:513:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf(buf,
data/ruby-ferret-0.11.8.7/ext/index.c:524:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf(buf + pos,
data/ruby-ferret-0.11.8.7/ext/index.c:2159:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tfx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:2178:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tix", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:2624:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tis", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:3758:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(segment_name, file_name);
data/ruby-ferret-0.11.8.7/ext/index.c:4646:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.cfs", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:4663:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:4665:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5395:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", dw->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:5397:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", dw->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:5755:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.cfs", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5761:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5779:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tis", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5781:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5783:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5878:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdt", sm->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:5881:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdx", sm->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:5890:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdt", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:5892:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6071:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", sm->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:6073:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", sm->si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:6236:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(cfs_name, "%s.cfs", si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:6540:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdt", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6542:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6545:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdt", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6547:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.fdx", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6550:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.del", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6554:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.del", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6627:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tix", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6629:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tix", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6632:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tis", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6634:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tis", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6637:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tfx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6639:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.tfx", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6642:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6644:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.frq", sr_segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6647:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", segment);
data/ruby-ferret-0.11.8.7/ext/index.c:6649:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s.prx", sr_segment);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:160:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s:", S(field));
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:163:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s~", term);
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:412:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf(doc_freqs + pos, "(%s=%d) + ", term, doc_freq);
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:523:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s:", field);
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:529:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s", bt->term);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:810:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:636:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf(doc_freqs + pos, "%s=%d, ",
data/ruby-ferret-0.11.8.7/ext/q_prefix.c:24:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s:", S(PfxQ(self)->field));
data/ruby-ferret-0.11.8.7/ext/q_prefix.c:27:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s*", prefix);
data/ruby-ferret-0.11.8.7/ext/q_span.c:413:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "SpanTermEnum(%s)@%s", query_str, pos_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:885:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "SpanOrEnum(%s)@%s", query_str, doc_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1192:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "SpanNearEnum(%s)@%s", query_str, doc_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1424:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
df_i += sprintf(doc_freqs + df_i, "%s=%d, ", term,
data/ruby-ferret-0.11.8.7/ext/q_span.c:1608:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, smtq->terms[i]);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1828:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
res_p += sprintf(res_p, "%s", q_strs[i]);
data/ruby-ferret-0.11.8.7/ext/q_span.c:2012:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
res_p += sprintf(res_p, "%s", q_strs[i]);
data/ruby-ferret-0.11.8.7/ext/q_span.c:2318:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s:", S(field));
data/ruby-ferret-0.11.8.7/ext/q_span.c:2321:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s*", prefix);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:22:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s:", field_str);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:24:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bptr += sprintf(bptr, "%s", pattern);
data/ruby-ferret-0.11.8.7/ext/r_analysis.c:395:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "token[\"%s\":%d:%d:%d]", rs2s(token->text),
data/ruby-ferret-0.11.8.7/ext/r_index.c:1125:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(jp, format, tde->doc_num(tde), tde->freq(tde));
data/ruby-ferret-0.11.8.7/ext/r_search.c:231:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str + p, "\t%d \"%s\": %0.5f\n", doc_id, value,
data/ruby-ferret-0.11.8.7/ext/r_search.c:944:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%s:%s", ostr, qstr);
data/ruby-ferret-0.11.8.7/ext/r_search.c:2348:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sort_str, xsort_str);
data/ruby-ferret-0.11.8.7/ext/sort.c:97:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%s:%s%s", S(self->field), type, (self->reverse ? "!" : ""));
data/ruby-ferret-0.11.8.7/ext/sort.c:101:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%s%s", type, (self->reverse ? "!" : ""));
data/ruby-ferret-0.11.8.7/ext/sort.c:773:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s += sprintf(s, "%s, ", sf_strs[i]);
data/ruby-ferret-0.11.8.7/ext/win32.h:28:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirname_buf, "%s\\*", dirname);
data/ruby-ferret-0.11.8.7/ext/analysis.c:23:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tk->text, text, sizeof(char) * tlen);
data/ruby-ferret-0.11.8.7/ext/analysis.c:119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts, orig_ts, size);
data/ruby-ferret-0.11.8.7/ext/analysis.c:354:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wbuf[MAX_WORD_SIZE + 1], *w, *w_end;
data/ruby-ferret-0.11.8.7/ext/analysis.c:492:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wbuf[MAX_WORD_SIZE + 1], *w, *w_end;
data/ruby-ferret-0.11.8.7/ext/analysis.c:674:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, ts->t, i);
data/ruby-ferret-0.11.8.7/ext/analysis.c:889:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[MAX_WORD_SIZE + 1];
data/ruby-ferret-0.11.8.7/ext/analysis.c:965:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, start, token_i * sizeof(char));
data/ruby-ferret-0.11.8.7/ext/analysis.c:1220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_WORD_SIZE + 1];
data/ruby-ferret-0.11.8.7/ext/analysis.c:1226:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tk->text, buf, tk->len + 1);
data/ruby-ferret-0.11.8.7/ext/analysis.c:1345:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wbuf[MAX_WORD_SIZE + 1], *wchr;
data/ruby-ferret-0.11.8.7/ext/analysis.c:1362:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tk->text, "BAD_DATA");
data/ruby-ferret-0.11.8.7/ext/analysis.c:1427:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tk->text, stemmed, len);
data/ruby-ferret-0.11.8.7/ext/analysis.c:1695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10000];
data/ruby-ferret-0.11.8.7/ext/analysis.h:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[FRT_MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/analysis.h:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[FRT_MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/bitvector.h:395:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dest[i], &src[i], sizeof(*dest)*(max - i)); \
data/ruby-ferret-0.11.8.7/ext/bitvector.h:402:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(&dest[i], &src[i], sizeof(*dest)*(max - i)); \
data/ruby-ferret-0.11.8.7/ext/document.c:68:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, df->name, namelen);
data/ruby-ferret-0.11.8.7/ext/document.c:80:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, df->data[i], df->lengths[i]);
data/ruby-ferret-0.11.8.7/ext/document.c:141:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf, "Document [\n");
data/ruby-ferret-0.11.8.7/ext/except.c:25:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xmsg_buffer[XMSG_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/except.c:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xmsg_buffer_final[XMSG_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/except.h:174:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char frt_xmsg_buffer[FRT_XMSG_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/except.h:175:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char frt_xmsg_buffer_final[FRT_XMSG_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/ferret.c:176:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, old, len + 1);
data/ruby-ferret-0.11.8.7/ext/ferret.c:245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FRT_BUF_SIZ];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:64:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, 0);
data/ruby-ferret-0.11.8.7/ext/fs_store.c:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path1[MAX_FILE_PATH], path2[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:149:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:273:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(join_path(path, store->dir.path, filename),
data/ruby-ferret-0.11.8.7/ext/fs_store.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:339:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(join_path(path, store->dir.path, filename), O_RDONLY | O_BINARY);
data/ruby-ferret-0.11.8.7/ext/fs_store.c:359:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(lock->name, O_CREAT | O_EXCL | O_RDWR,
data/ruby-ferret-0.11.8.7/ext/fs_store.c:377:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int f = open(lock->name, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR);
data/ruby-ferret-0.11.8.7/ext/fs_store.c:398:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lname[100];
data/ruby-ferret-0.11.8.7/ext/fs_store.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/global.c:107:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str1 + len1, str2, len2 + 1); /* make sure '\0' copied too */
data/ruby-ferret-0.11.8.7/ext/global.c:157:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%#.6e", num);
data/ruby-ferret-0.11.8.7/ext/global.c:212:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, s, slen);
data/ruby-ferret-0.11.8.7/ext/global.c:232:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
q += sprintf(q, "%ld", l);
data/ruby-ferret-0.11.8.7/ext/global.c:383:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[MAX_PROG_NAME]; /* program name for error msgs */
data/ruby-ferret-0.11.8.7/ext/index.c:117:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:159:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:327:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, ")]");
data/ruby-ferret-0.11.8.7/ext/index.c:689:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:699:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name, si->name, seg_len);
data/ruby-ferret-0.11.8.7/ext/index.c:704:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, "cfs", 4);
data/ruby-ferret-0.11.8.7/ext/index.c:712:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, INDEX_EXTENSIONS[i], 4);
data/ruby-ferret-0.11.8.7/ext/index.c:727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:920:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *listing, listing_buffer[1024];
data/ruby-ferret-0.11.8.7/ext/index.c:982:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prev_seg_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1087:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seg_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seg_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1348:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_in[ZIP_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/index.c:1451:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + buf_start,
data/ruby-ferret-0.11.8.7/ext/index.c:1518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1521:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name, segment, segment_len);
data/ruby-ferret-0.11.8.7/ext/index.c:1525:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".fdt");
data/ruby-ferret-0.11.8.7/ext/index.c:1527:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".fdx");
data/ruby-ferret-0.11.8.7/ext/index.c:1539:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fr, orig, sizeof(FieldsReader));
data/ruby-ferret-0.11.8.7/ext/index.c:1696:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
term->text = (char *)memcpy(ALLOC_N(char, total_len),
data/ruby-ferret-0.11.8.7/ext/index.c:1811:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:1814:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name, segment, segment_len);
data/ruby-ferret-0.11.8.7/ext/index.c:1816:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".fdt");
data/ruby-ferret-0.11.8.7/ext/index.c:1819:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".fdx");
data/ruby-ferret-0.11.8.7/ext/index.c:1871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_buffer[ZIP_BUFFER_SIZE];
data/ruby-ferret-0.11.8.7/ext/index.c:2036:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return (char *)memcpy(ALLOC_N(char, te->curr_term_len + 1),
data/ruby-ferret-0.11.8.7/ext/index.c:2042:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return (TermInfo*)memcpy(ALLOC(TermInfo), &(te->curr_ti), sizeof(TermInfo));
data/ruby-ferret-0.11.8.7/ext/index.c:2154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:2218:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(te->prev_term, te->curr_term, te->curr_term_len + 1);
data/ruby-ferret-0.11.8.7/ext/index.c:2261:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(te->curr_term,
data/ruby-ferret-0.11.8.7/ext/index.c:2312:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ste, other_te, sizeof(SegmentTermEnum));
data/ruby-ferret-0.11.8.7/ext/index.c:2474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(te->prev_term, te->curr_term, te->curr_term_len + 1);
data/ruby-ferret-0.11.8.7/ext/index.c:2475:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(te->curr_term, top->term, top->te->curr_term_len + 1);
data/ruby-ferret-0.11.8.7/ext/index.c:2622:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:2731:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:2735:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name, segment, segment_len);
data/ruby-ferret-0.11.8.7/ext/index.c:2742:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".tix");
data/ruby-ferret-0.11.8.7/ext/index.c:2744:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".tis");
data/ruby-ferret-0.11.8.7/ext/index.c:2746:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(file_name + segment_len, ".tfx");
data/ruby-ferret-0.11.8.7/ext/index.c:3626:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
h_set(fn_extensions, INDEX_EXTENSIONS[i], (char *)INDEX_EXTENSIONS[i]);
data/ruby-ferret-0.11.8.7/ext/index.c:3740:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_seg_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:3756:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char segment_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:3784:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_fn[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:3804:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
si_norm_file_name(si, tmp_fn, atoi(extension + 1));
data/ruby-ferret-0.11.8.7/ext/index.c:4109:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_seg_fn[MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/index.c:4226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char norm_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:4293:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, norm->bytes, SR_SIZE(sr));
data/ruby-ferret-0.11.8.7/ext/index.c:4401:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:4598:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:4615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:4804:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, bytes, MR(ir)->max_doc);
data/ruby-ferret-0.11.8.7/ext/index.c:5337:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:5391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:5620:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/index.c:5627:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
data_ptr = (char *)memcpy(buf, df->data[i], len);
data/ruby-ferret-0.11.8.7/ext/index.c:5750:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:5777:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:5873:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:5978:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
term = (char *)memcpy(sm->term_buf + sm->term_buf_ptr, term, term_len + 1);
data/ruby-ferret-0.11.8.7/ext/index.c:6069:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6211:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name, si->name, seg_len);
data/ruby-ferret-0.11.8.7/ext/index.c:6217:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, COMPOUND_EXTENSIONS[i], 4);
data/ruby-ferret-0.11.8.7/ext/index.c:6235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfs_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6620:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_in[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.c:6696:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_out[SEGMENT_NAME_MAX_LENGTH];
data/ruby-ferret-0.11.8.7/ext/index.h:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_term[FRT_MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/index.h:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prev_term[FRT_MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/mempool.c:53:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return (char *)memcpy(mp_alloc(mp, len), str, len);
data/ruby-ferret-0.11.8.7/ext/mempool.c:58:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
char *s = (char *)memcpy(mp_alloc(mp, len + 1), str, len);
data/ruby-ferret-0.11.8.7/ext/mempool.c:65:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy(mp_alloc(mp, len), p, len);
data/ruby-ferret-0.11.8.7/ext/multimapper.c:70:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(states, self->states[c], size * sizeof(int));
data/ruby-ferret-0.11.8.7/ext/multimapper.c:221:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alphabet[256];
data/ruby-ferret-0.11.8.7/ext/multimapper.c:278:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, state->mapping, len);
data/ruby-ferret-0.11.8.7/ext/multimapper.c:317:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, state->mapping, len);
data/ruby-ferret-0.11.8.7/ext/multimapper.h:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char alphabet[256];
data/ruby-ferret-0.11.8.7/ext/priorityqueue.c:24:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pq, pq, sizeof(PriorityQueue));
data/ruby-ferret-0.11.8.7/ext/priorityqueue.c:26:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pq->heap, pq->heap, sizeof(void *) * (new_pq->size + 1));
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:457:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(csc->sub_scorers, sub_scorers, sizeof(Scorer *) * ss_cnt);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1383:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_self, self, sizeof(BooleanQuery));
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1386:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BQ(new_self)->clauses, BQ(self)->clauses,
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1460:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + bp, clause_str, sizeof(char) * clause_len);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1465:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + bp, clause_str, sizeof(char) * clause_len);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1475:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + bp, boost_str, sizeof(char) * boost_len);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1507:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BQ(self)->similarity, sim, sizeof(Similarity));
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:416:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_freqs + pos, "= %d", total_doc_freqs);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:1111:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/ruby-ferret-0.11.8.7/ext/q_parser.c:1128:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yyformat[sizeof yyunexpected
data/ruby-ferret-0.11.8.7/ext/q_parser.c:1353:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:766:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->positions, positions, size * sizeof(int));
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:1005:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, field, flen);
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:1023:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buf_index, "<> ", 3);
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:1032:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buf_index, term, len);
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:1047:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buf_index += sprintf(buffer + buf_index, "~%d", phq->slop);
data/ruby-ferret-0.11.8.7/ext/q_range.c:34:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, field, flen * sizeof(char));
data/ruby-ferret-0.11.8.7/ext/q_range.c:43:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, range->lower_term, llen);
data/ruby-ferret-0.11.8.7/ext/q_range.c:55:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, range->upper_term, ulen);
data/ruby-ferret-0.11.8.7/ext/q_span.c:396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pos_str[20];
data/ruby-ferret-0.11.8.7/ext/q_span.c:402:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos_str, "START");
data/ruby-ferret-0.11.8.7/ext/q_span.c:406:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos_str, "END");
data/ruby-ferret-0.11.8.7/ext/q_span.c:410:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos_str, "%d", self->doc(self) - pos);
data/ruby-ferret-0.11.8.7/ext/q_span.c:869:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doc_str[62];
data/ruby-ferret-0.11.8.7/ext/q_span.c:874:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_str, "START");
data/ruby-ferret-0.11.8.7/ext/q_span.c:878:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_str, "END");
data/ruby-ferret-0.11.8.7/ext/q_span.c:881:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_str, "%d:%d-%d", self->doc(self),
data/ruby-ferret-0.11.8.7/ext/q_span.c:1181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char doc_str[62];
data/ruby-ferret-0.11.8.7/ext/q_span.c:1186:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_str, "START");
data/ruby-ferret-0.11.8.7/ext/q_span.c:1189:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(doc_str, "%d:%d-%d", self->doc(self),
data/ruby-ferret-0.11.8.7/ext/q_span.c:1825:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
res_p += sprintf(res_p, "span_or[");
data/ruby-ferret-0.11.8.7/ext/q_span.c:2009:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
res_p += sprintf(res_p, "span_near[");
data/ruby-ferret-0.11.8.7/ext/q_term.c:273:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, field, sizeof(char) * flen);
data/ruby-ferret-0.11.8.7/ext/q_term.c:277:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, TQ(self)->term, tlen);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:98:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[MAX_WORD_SIZE] = "";
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:107:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefix, WCQ(self)->pattern, prefix_len);
data/ruby-ferret-0.11.8.7/ext/r_index.c:869:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(jp, "%d", te->curr_ti.doc_freq);
data/ruby-ferret-0.11.8.7/ext/r_index.c:884:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(jp, "\"term\":", 7);
data/ruby-ferret-0.11.8.7/ext/r_index.c:888:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(jp, "\"frequency\":", 12);
data/ruby-ferret-0.11.8.7/ext/r_index.c:890:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(jp, "%d", te->curr_ti.doc_freq);
data/ruby-ferret-0.11.8.7/ext/r_index.c:1130:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(jp, "%d,", pos);
data/ruby-ferret-0.11.8.7/ext/r_search.c:210:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "TopDocs: total_hits = %ld, max_score = %lf [\n",
data/ruby-ferret-0.11.8.7/ext/r_search.c:237:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str + p, "]\n");
data/ruby-ferret-0.11.8.7/ext/r_search.c:273:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, field_name, l);
data/ruby-ferret-0.11.8.7/ext/r_utils.c:909:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pq, pq, sizeof(PriQ));
data/ruby-ferret-0.11.8.7/ext/r_utils.c:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pq->heap, pq->heap, sizeof(VALUE) * (new_pq->size + 1));
data/ruby-ferret-0.11.8.7/ext/ram_store.c:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buffer_offset, src, bytes_to_copy);
data/ruby-ferret-0.11.8.7/ext/ram_store.c:211:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, src + src_offset, bytes_to_copy);
data/ruby-ferret-0.11.8.7/ext/ram_store.c:316:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b + offset, buffer + buffer_offset, bytes_to_copy);
data/ruby-ferret-0.11.8.7/ext/ram_store.c:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lname[100];
data/ruby-ferret-0.11.8.7/ext/scanner.c:894:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, ts + skip, __len);
data/ruby-ferret-0.11.8.7/ext/scanner_mb.c:6235:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX];
data/ruby-ferret-0.11.8.7/ext/scanner_mb.c:6700:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_wc, ts + skip, __len*sizeof(unsigned int));
data/ruby-ferret-0.11.8.7/ext/scanner_utf8.c:4414:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, ts + skip, __len);
data/ruby-ferret-0.11.8.7/ext/search.c:72:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
return strcat(buffer, "</ul>\n");
data/ruby-ferret-0.11.8.7/ext/search.c:161:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_hit, hit, sizeof(Hit));
data/ruby-ferret-0.11.8.7/ext/search.c:171:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pq->heap[1], hit, sizeof(Hit));
data/ruby-ferret-0.11.8.7/ext/search.c:750:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, ellipsis, ellipsis_len);
data/ruby-ferret-0.11.8.7/ext/search.c:760:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, pre_tag, pre_tag_len);
data/ruby-ferret-0.11.8.7/ext/search.c:767:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, post_tag, post_tag_len);
data/ruby-ferret-0.11.8.7/ext/search.c:781:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, ellipsis, ellipsis_len);
data/ruby-ferret-0.11.8.7/ext/search.c:811:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, pre_tag, pre_len);
data/ruby-ferret-0.11.8.7/ext/search.c:818:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(e_ptr, post_tag, post_len);
data/ruby-ferret-0.11.8.7/ext/search.h:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[FRT_QP_CONC_WORDS][FRT_MAX_WORD_SIZE];
data/ruby-ferret-0.11.8.7/ext/sort.c:562:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_hit, hit, sizeof(Hit));
data/ruby-ferret-0.11.8.7/ext/sort.c:572:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pq->heap[1], hit, sizeof(Hit));
data/ruby-ferret-0.11.8.7/ext/sort.c:621:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(field_doc, hit, sizeof(Hit));
data/ruby-ferret-0.11.8.7/ext/store.c:302:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_index_i, is, sizeof(InStream));
data/ruby-ferret-0.11.8.7/ext/store.c:473:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, is->buf.buf + is->buf.pos, length);
data/ruby-ferret-0.11.8.7/ext/store.c:494:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, is->buf.buf + is->buf.pos, length);
data/ruby-ferret-0.11.8.7/ext/store.c:689:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, fn, len);
data/ruby-ferret-0.11.8.7/ext/win32.h:26:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname_buf[FRT_MAX_FILE_PATH];
data/ruby-ferret-0.11.8.7/ext/analysis.c:42:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tk_set(tk, text, (int)strlen(text), start, end, pos_inc);
data/ruby-ferret-0.11.8.7/ext/analysis.c:251:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(ts->t);
data/ruby-ferret-0.11.8.7/ext/analysis.c:1279:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int text_len = strlen(hf->text + pos);
data/ruby-ferret-0.11.8.7/ext/document.c:40:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return df_add_data_len(df, data, strlen(data));
data/ruby-ferret-0.11.8.7/ext/document.c:138:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(fields[i]) + 5;
data/ruby-ferret-0.11.8.7/ext/ferret.c:253:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
so_far = strlen(buf);
data/ruby-ferret-0.11.8.7/ext/ferret.c:256:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
so_far = strlen(buf);
data/ruby-ferret-0.11.8.7/ext/ferret.c:257:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fmt[0] != '\0' && fmt[strlen(fmt) - 1] == ':') {
data/ruby-ferret-0.11.8.7/ext/ferret.c:259:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
so_far = strlen(buf);
data/ruby-ferret-0.11.8.7/ext/fs_store.c:294:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, path, len) != len) {
data/ruby-ferret-0.11.8.7/ext/fs_store.c:452:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(S_IWOTH);
data/ruby-ferret-0.11.8.7/ext/global.c:104:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(str1);
data/ruby-ferret-0.11.8.7/ext/global.c:105:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(str2);
data/ruby-ferret-0.11.8.7/ext/global.c:117:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += (int) strlen(fmt);
data/ruby-ferret-0.11.8.7/ext/global.c:130:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = ALLOC_N(char, strlen(s) + 1);
data/ruby-ferret-0.11.8.7/ext/global.c:153:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e = buf + strlen(buf);
data/ruby-ferret-0.11.8.7/ext/global.c:158:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(e = strchr(buf, 'e'))) { e = buf + strlen(buf); }
data/ruby-ferret-0.11.8.7/ext/global.c:165:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p, e, strlen(e) + 1);
data/ruby-ferret-0.11.8.7/ext/global.c:188:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int) strlen(fmt) + 1;
data/ruby-ferret-0.11.8.7/ext/global.c:207:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = (int) strlen(s);
data/ruby-ferret-0.11.8.7/ext/global.c:220:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = string + strlen(string);
data/ruby-ferret-0.11.8.7/ext/global.c:223:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q += strlen(q);
data/ruby-ferret-0.11.8.7/ext/global.c:230:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = string + strlen(string);
data/ruby-ferret-0.11.8.7/ext/global.c:377:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fmt[0] != '\0' && fmt[strlen(fmt) - 1] == ':')
data/ruby-ferret-0.11.8.7/ext/global.c:388:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, str, sizeof(name) - 1);
data/ruby-ferret-0.11.8.7/ext/index.c:311:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *str = ALLOC_N(char, strlen((char *)fi->name) + 200);
data/ruby-ferret-0.11.8.7/ext/index.c:690:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t seg_len = strlen(si->name);
data/ruby-ferret-0.11.8.7/ext/index.c:922:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(listing_buffer, listing, 1023);
data/ruby-ferret-0.11.8.7/ext/index.c:1519:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t segment_len = strlen(segment);
data/ruby-ferret-0.11.8.7/ext/index.c:1812:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t segment_len = strlen(segment);
data/ruby-ferret-0.11.8.7/ext/index.c:2733:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t segment_len = strlen(segment);
data/ruby-ferret-0.11.8.7/ext/index.c:2824:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(tiw->tis_writer->last_term),
data/ruby-ferret-0.11.8.7/ext/index.c:3336:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
end += mtde->curr_tde->read(mtde->curr_tde, docs + last_end,
data/ruby-ferret-0.11.8.7/ext/index.c:6209:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int seg_len = strlen(si->name);
data/ruby-ferret-0.11.8.7/ext/index.h:414:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)(FrtTermDocEnum *tde, int *docs, int *freqs, int req_num);
data/ruby-ferret-0.11.8.7/ext/lang.h:11:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#undef read
data/ruby-ferret-0.11.8.7/ext/mempool.c:52:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str) + 1;
data/ruby-ferret-0.11.8.7/ext/multimapper.c:189:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current_state->mapping_len = strlen(mapping);
data/ruby-ferret-0.11.8.7/ext/multimapper.c:227:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int plen = (int)strlen(pattern);
data/ruby-ferret-0.11.8.7/ext/multimapper.c:302:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int capa = strlen(from);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1439:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clause_len = (int)strlen(clause_str);
data/ruby-ferret-0.11.8.7/ext/q_boolean.c:1473:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int boost_len = (int)strlen(boost_str);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:130:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int m = (int)strlen(target);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:157:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bptr = buffer = ALLOC_N(char, strlen(term) + sym_len(field) + 70);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:166:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bptr += strlen(bptr);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:191:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fuzq->pre_len >= (int)strlen(term)) {
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:198:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(prefix, term, pre_len);
data/ruby-ferret-0.11.8.7/ext/q_fuzzy.c:210:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fuzq->text_len = (int)strlen(fuzq->text);
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:79:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
self->pointer_max = self->tde->read(self->tde, self->docs, self->freqs,
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:406:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(((BoostedTerm *)bt_pq->heap[i])->term) + 30;
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:512:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = (int)strlen(field);
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:517:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen += (int)strlen(((BoostedTerm *)boosted_terms->heap[i])->term) + 35;
data/ruby-ferret-0.11.8.7/ext/q_multi_term.c:534:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bptr += (int)strlen(bptr);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:992:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2087:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qp->dynbuf = ALLOC_AND_ZERO_N(char, strlen(qp->qstr) + 1);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2088:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qp->dynbuf, buf, MAX_WORD_SIZE);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2192:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, qp->qstr, 1023);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2455:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int max_len = (int)strlen(str) + 1;
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2492:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(pattern);
data/ruby-ferret-0.11.8.7/ext/q_parser.c:2965:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *new_str = ALLOC_N(char, strlen(str)*2 + 1);
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:627:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(terms[j]) + 30;
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:971:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = strlen(field);
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:994:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(terms[j]) + 5;
data/ruby-ferret-0.11.8.7/ext/q_phrase.c:1031:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(term);
data/ruby-ferret-0.11.8.7/ext/q_prefix.c:18:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t plen = strlen(prefix);
data/ruby-ferret-0.11.8.7/ext/q_prefix.c:47:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefix_len = strlen(prefix);
data/ruby-ferret-0.11.8.7/ext/q_range.c:27:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(field);
data/ruby-ferret-0.11.8.7/ext/q_range.c:28:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llen = range->lower_term ? strlen(range->lower_term) : 0;
data/ruby-ferret-0.11.8.7/ext/q_range.c:29:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ulen = range->upper_term ? strlen(range->upper_term) : 0;
data/ruby-ferret-0.11.8.7/ext/q_range.c:161:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(lower_term) == len)) &&
data/ruby-ferret-0.11.8.7/ext/q_range.c:164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(upper_term) == len)))
data/ruby-ferret-0.11.8.7/ext/q_range.c:352:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((!lt || (sscanf(lt, "%lg%n", &lnum, &len) && (int)strlen(lt) == len)) &&
data/ruby-ferret-0.11.8.7/ext/q_range.c:353:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(!ut || (sscanf(ut, "%lg%n", &unum, &len) && (int)strlen(ut) == len)))
data/ruby-ferret-0.11.8.7/ext/q_range.c:564:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen(text) == len) { /* We have a number */\
data/ruby-ferret-0.11.8.7/ext/q_range.c:585:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (sscanf(lt,"%lg%n",&lnum,&len) && (int)strlen(lt) == len))
data/ruby-ferret-0.11.8.7/ext/q_range.c:588:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (sscanf(ut,"%lg%n",&unum,&len) && (int)strlen(ut) == len)))
data/ruby-ferret-0.11.8.7/ext/q_span.c:397:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(query_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:870:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(query_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1182:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(query_str);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1423:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
REALLOC_N(doc_freqs, char, df_i + strlen(term) + 23);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1602:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(smtq->terms[i]) + 2;
data/ruby-ferret-0.11.8.7/ext/q_span.c:1609:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(smtq->terms[i]);
data/ruby-ferret-0.11.8.7/ext/q_span.c:1821:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(q_strs[i]) + 2;
data/ruby-ferret-0.11.8.7/ext/q_span.c:2005:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(q_strs[i]);
data/ruby-ferret-0.11.8.7/ext/q_span.c:2312:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t plen = strlen(prefix);
data/ruby-ferret-0.11.8.7/ext/q_span.c:2340:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefix_len = strlen(prefix);
data/ruby-ferret-0.11.8.7/ext/q_term.c:57:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ts->pointer_max = ts->tde->read(ts->tde, ts->docs, ts->freqs,
data/ruby-ferret-0.11.8.7/ext/q_term.c:268:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t flen = strlen(field);
data/ruby-ferret-0.11.8.7/ext/q_term.c:269:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t tlen = strlen(TQ(self)->term);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:19:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bptr = buffer = ALLOC_N(char, strlen(pattern) + strlen(field_str) + 35);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:19:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bptr = buffer = ALLOC_N(char, strlen(pattern) + strlen(field_str) + 35);
data/ruby-ferret-0.11.8.7/ext/q_wildcard.c:39:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *text_last = t + strlen(t);
data/ruby-ferret-0.11.8.7/ext/r_analysis.c:1946:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rtoken_re = rb_reg_new(TOKEN_RE, strlen(TOKEN_RE), 0);
data/ruby-ferret-0.11.8.7/ext/r_index.c:870:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jp += strlen(jp);
data/ruby-ferret-0.11.8.7/ext/r_index.c:891:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jp += strlen(jp);
data/ruby-ferret-0.11.8.7/ext/r_index.c:1126:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jp += strlen(jp);
data/ruby-ferret-0.11.8.7/ext/r_index.c:1131:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jp += strlen(jp);
data/ruby-ferret-0.11.8.7/ext/r_search.c:213:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (int)strlen(str);
data/ruby-ferret-0.11.8.7/ext/r_search.c:224:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/ruby-ferret-0.11.8.7/ext/r_search.c:233:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(str + p);
data/ruby-ferret-0.11.8.7/ext/r_search.c:272:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(field_name);
data/ruby-ferret-0.11.8.7/ext/r_search.c:942:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ostr) + strlen(qstr) + 2;
data/ruby-ferret-0.11.8.7/ext/r_search.c:942:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ostr) + strlen(qstr) + 2;
data/ruby-ferret-0.11.8.7/ext/r_search.c:2346:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(xsort_str);
data/ruby-ferret-0.11.8.7/ext/ram_store.c:106:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(rf->name, LOCK_PREFIX, strlen(LOCK_PREFIX)) == 0) {
data/ruby-ferret-0.11.8.7/ext/search.c:71:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
REALLOC_N(buffer, char, strlen(buffer) + 10);
data/ruby-ferret-0.11.8.7/ext/search.c:741:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int pre_tag_len = (int)strlen(pre_tag);
data/ruby-ferret-0.11.8.7/ext/search.c:742:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int post_tag_len = (int)strlen(post_tag);
data/ruby-ferret-0.11.8.7/ext/search.c:743:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int ellipsis_len = (int)strlen(ellipsis);
data/ruby-ferret-0.11.8.7/ext/search.c:794:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int pre_len = (int)strlen(pre_tag);
data/ruby-ferret-0.11.8.7/ext/search.c:795:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int post_len = (int)strlen(post_tag);
data/ruby-ferret-0.11.8.7/ext/sort.c:96:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = ALLOC_N(char, 3 + sym_len(self->field) + strlen(type));
data/ruby-ferret-0.11.8.7/ext/sort.c:100:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = ALLOC_N(char, 2 + strlen(type));
data/ruby-ferret-0.11.8.7/ext/sort.c:373:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = (int)strlen(text);
data/ruby-ferret-0.11.8.7/ext/sort.c:766:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += (int)strlen(s) + 2;
data/ruby-ferret-0.11.8.7/ext/sort.c:781:5: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(s, "]");
data/ruby-ferret-0.11.8.7/ext/store.c:608:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
os_write_string_len(os, str, (int)strlen(str));
data/ruby-ferret-0.11.8.7/ext/store.c:620:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int start = (int) strlen(filename) - 4;
data/ruby-ferret-0.11.8.7/ext/store.c:669:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnl->total_len += strlen(fname) + 2;
data/ruby-ferret-0.11.8.7/ext/store.c:688:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fn);
data/ruby-ferret-0.11.8.7/ext/symbol.h:21:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define frt_sym_len(sym) strlen(rb_id2name((ID)sym))
ANALYSIS SUMMARY:
Hits = 414
Lines analyzed = 89586 in approximately 2.75 seconds (32586 lines/second)
Physical Source Lines of Code (SLOC) = 72145
Hits@level = [0] 80 [1] 121 [2] 203 [3] 0 [4] 90 [5] 0
Hits@level+ = [0+] 494 [1+] 414 [2+] 293 [3+] 90 [4+] 90 [5+] 0
Hits/KSLOC@level+ = [0+] 6.84732 [1+] 5.73844 [2+] 4.06127 [3+] 1.24749 [4+] 1.24749 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.