Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/ruby-ox-2.11.0/ext/ox/obj_load.c Examining data/ruby-ox-2.11.0/ext/ox/sax_stack.h Examining data/ruby-ox-2.11.0/ext/ox/hash_load.c Examining data/ruby-ox-2.11.0/ext/ox/sax_buf.h Examining data/ruby-ox-2.11.0/ext/ox/ox.h Examining data/ruby-ox-2.11.0/ext/ox/builder.c Examining data/ruby-ox-2.11.0/ext/ox/base64.c Examining data/ruby-ox-2.11.0/ext/ox/dump.c Examining data/ruby-ox-2.11.0/ext/ox/cache8.h Examining data/ruby-ox-2.11.0/ext/ox/encode.h Examining data/ruby-ox-2.11.0/ext/ox/base64.h Examining data/ruby-ox-2.11.0/ext/ox/sax_as.c Examining data/ruby-ox-2.11.0/ext/ox/err.h Examining data/ruby-ox-2.11.0/ext/ox/sax_buf.c Examining data/ruby-ox-2.11.0/ext/ox/cache.h Examining data/ruby-ox-2.11.0/ext/ox/err.c Examining data/ruby-ox-2.11.0/ext/ox/sax_hint.h Examining data/ruby-ox-2.11.0/ext/ox/sax_hint.c Examining data/ruby-ox-2.11.0/ext/ox/special.h Examining data/ruby-ox-2.11.0/ext/ox/helper.h Examining data/ruby-ox-2.11.0/ext/ox/cache8.c Examining data/ruby-ox-2.11.0/ext/ox/cache.c Examining data/ruby-ox-2.11.0/ext/ox/buf.h Examining data/ruby-ox-2.11.0/ext/ox/parse.c Examining data/ruby-ox-2.11.0/ext/ox/sax_has.h Examining data/ruby-ox-2.11.0/ext/ox/attr.h Examining data/ruby-ox-2.11.0/ext/ox/sax.c Examining data/ruby-ox-2.11.0/ext/ox/special.c Examining data/ruby-ox-2.11.0/ext/ox/type.h Examining data/ruby-ox-2.11.0/ext/ox/gen_load.c Examining data/ruby-ox-2.11.0/ext/ox/ox.c Examining data/ruby-ox-2.11.0/ext/ox/sax.h FINAL RESULTS: data/ruby-ox-2.11.0/ext/ox/builder.c:632:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(e->buf, name); data/ruby-ox-2.11.0/ext/ox/err.c:16:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(e->msg, sizeof(e->msg) - 1, format, ap); data/ruby-ox-2.11.0/ext/ox/ox.c:1038:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(options.strip_ns, ox_default_options.strip_ns); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:147:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf->tail, str); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:166:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf->tail, str); data/ruby-ox-2.11.0/ext/ox/attr.h:54:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stack->head, stack->base, sizeof(struct _attr) * len); data/ruby-ox-2.11.0/ext/ox/buf.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base[16384]; data/ruby-ox-2.11.0/ext/ox/buf.h:98:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->head, buf->base, len); data/ruby-ox-2.11.0/ext/ox/buf.h:107:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->tail, s, slen); data/ruby-ox-2.11.0/ext/ox/buf.h:132:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->head, buf->base, len); data/ruby-ox-2.11.0/ext/ox/builder.c:19:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/ruby-ox-2.11.0/ext/ox/builder.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char encoding[64]; data/ruby-ox-2.11.0/ext/ox/builder.c:44:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_friendly_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/builder.c:57:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_attr_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/builder.c:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_element_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/builder.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ruby-ox-2.11.0/ext/ox/builder.c:415:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (NULL == (f = fopen(StringValuePtr(*argv), "w"))) { data/ruby-ox-2.11.0/ext/ox/cache.c:32:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d + 1, s, len + 1); data/ruby-ox-2.11.0/ext/ox/cache.c:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[256]; data/ruby-ox-2.11.0/ext/ox/dump.c:79:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char hex_chars[17] = "0123456789abcdef"; data/ruby-ox-2.11.0/ext/ox/dump.c:83:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_friendly_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/dump.c:93:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_quote_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/dump.c:103:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char xml_element_chars[257] = "\ data/ruby-ox-2.11.0/ext/ox/dump.c:182:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, out->opts->margin, out->opts->margin_len); data/ruby-ox-2.11.0/ext/ox/dump.c:194:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, value, len); data/ruby-ox-2.11.0/ext/ox/dump.c:210:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, value, len); data/ruby-ox-2.11.0/ext/ox/dump.c:297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/ruby-ox-2.11.0/ext/ox/dump.c:331:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, value, size); data/ruby-ox-2.11.0/ext/ox/dump.c:404:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, out->opts->inv_repl + 1, (size_t)*out->opts->inv_repl); data/ruby-ox-2.11.0/ext/ox/dump.c:416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/ruby-ox-2.11.0/ext/ox/dump.c:449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/ruby-ox-2.11.0/ext/ox/dump.c:479:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, b, size); data/ruby-ox-2.11.0/ext/ox/dump.c:485:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/ruby-ox-2.11.0/ext/ox/dump.c:503:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, b, size); data/ruby-ox-2.11.0/ext/ox/dump.c:544:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. out->cur += sprintf(out->cur, "%04d-%02d-%02dT%02d:%02d:%02d.%06ld%c%02d:%02d", data/ruby-ox-2.11.0/ext/ox/dump.c:552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ruby-ox-2.11.0/ext/ox/dump.c:596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value_buf[64]; data/ruby-ox-2.11.0/ext/ox/dump.c:825:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num_buf[16]; data/ruby-ox-2.11.0/ext/ox/dump.c:1085:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->cur, out->opts->margin, out->opts->margin_len); data/ruby-ox-2.11.0/ext/ox/dump.c:1312:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (0 == (f = fopen(path, "w"))) { data/ruby-ox-2.11.0/ext/ox/err.h:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/ruby-ox-2.11.0/ext/ox/helper.h:59:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stack->head, stack->base, sizeof(struct _helper) * len); data/ruby-ox-2.11.0/ext/ox/obj_load.c:82:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var_id = INT2NUM(atoi(name)); data/ruby-ox-2.11.0/ext/ox/obj_load.c:209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char class_name[1024]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:333:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ca->objs, ca->obj_array, sizeof(VALUE) * ca->cnt); data/ruby-ox-2.11.0/ext/ox/obj_load.c:411:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[128]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:564:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:565:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[128]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:711:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[128]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:714:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ruby-ox-2.11.0/ext/ox/obj_load.c:956:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indent[128]; data/ruby-ox-2.11.0/ext/ox/ox.c:661:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xml, x, len); data/ruby-ox-2.11.0/ext/ox/ox.c:705:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xml, x, len); data/ruby-ox-2.11.0/ext/ox/ox.c:942:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xml, StringValuePtr(*argv), len); data/ruby-ox-2.11.0/ext/ox/ox.c:988:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (0 == (f = fopen(path, "r"))) { data/ruby-ox-2.11.0/ext/ox/ox.h:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char encoding[64]; /* encoding, stored in the option to avoid GC invalidation in default values */ data/ruby-ox-2.11.0/ext/ox/ox.h:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char margin[128]; /* left margin for dumping */ data/ruby-ox-2.11.0/ext/ox/ox.h:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inv_repl[12]; /* max 10 valid characters, first character is the length */ data/ruby-ox-2.11.0/ext/ox/ox.h:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strip_ns[64]; /* namespace to strip, \0 is no-strip, \* is all, else only matches */ data/ruby-ox-2.11.0/ext/ox/parse.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char xml_valid_lower_chars[34] = "xxxxxxxxxooxxoxxxxxxxxxxxxxxxxxxo"; data/ruby-ox-2.11.0/ext/ox/parse.c:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char content[1024]; data/ruby-ox-2.11.0/ext/ox/parse.c:691:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_TEXT_LEN]; data/ruby-ox-2.11.0/ext/ox/parse.c:715:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(alloc_buf, buf, b - buf); data/ruby-ox-2.11.0/ext/ox/parse.c:778:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_TEXT_LEN]; data/ruby-ox-2.11.0/ext/ox/parse.c:810:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(alloc_buf, buf, b - buf); data/ruby-ox-2.11.0/ext/ox/parse.c:1001:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *b, buf[32]; data/ruby-ox-2.11.0/ext/ox/sax.c:416:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/ruby-ox-2.11.0/ext/ox/sax.c:477:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char content[4096]; data/ruby-ox-2.11.0/ext/ox/sax.c:878:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/ruby-ox-2.11.0/ext/ox/sax.c:895:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/ruby-ox-2.11.0/ext/ox/sax.c:919:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/ruby-ox-2.11.0/ext/ox/sax.c:1045:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/ruby-ox-2.11.0/ext/ox/sax.h:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strip_ns[64]; data/ruby-ox-2.11.0/ext/ox/sax_buf.c:90:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf->head, old, size); data/ruby-ox-2.11.0/ext/ox/sax_buf.h:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base[0x00001000]; data/ruby-ox-2.11.0/ext/ox/sax_hint.c:171:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nh->hints, h->hints, sizeof(struct _hint) * h->size); data/ruby-ox-2.11.0/ext/ox/sax_stack.h:54:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stack->head, stack->base, sizeof(struct _nv) * len); data/ruby-ox-2.11.0/ext/ox/builder.c:195:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/ruby-ox-2.11.0/ext/ox/builder.c:568:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(b->encoding, StringValuePtr(v), sizeof(b->encoding)); data/ruby-ox-2.11.0/ext/ox/builder.c:621:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/ruby-ox-2.11.0/ext/ox/builder.c:679:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/ruby-ox-2.11.0/ext/ox/cache.c:28:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(s); data/ruby-ox-2.11.0/ext/ox/dump.c:159:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (is_xml_friendly((uchar*)sym, (int)strlen(sym), xml_element_chars)) ? SymbolCode : Symbol64Code; data/ruby-ox-2.11.0/ext/ox/dump.c:613:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). e.attr.len = strlen(e.attr.str); data/ruby-ox-2.11.0/ext/ox/dump.c:735:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cnt = (int)strlen(sym); data/ruby-ox-2.11.0/ext/ox/dump.c:836:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). e.clas.len = strlen(e.clas.str); data/ruby-ox-2.11.0/ext/ox/dump.c:861:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). e.clas.len = strlen(e.clas.str); data/ruby-ox-2.11.0/ext/ox/dump.c:981:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). e.clas.len = strlen(e.clas.str); data/ruby-ox-2.11.0/ext/ox/dump.c:1036:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(out->opts->encoding, enc, sizeof(out->opts->encoding) - 1); data/ruby-ox-2.11.0/ext/ox/dump.c:1212:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). klen = strlen(ks); data/ruby-ox-2.11.0/ext/ox/obj_load.c:365:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). te = text + strlen(text) - 1; data/ruby-ox-2.11.0/ext/ox/ox.c:313:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int elen = (int)strlen(ox_default_options.encoding); data/ruby-ox-2.11.0/ext/ox/ox.c:362:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rb_hash_aset(opts, strip_namespace_sym, rb_str_new(ox_default_options.strip_ns, strlen(ox_default_options.strip_ns))); data/ruby-ox-2.11.0/ext/ox/ox.c:468:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ox_default_options.encoding, StringValuePtr(v), sizeof(ox_default_options.encoding) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:557:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ox_default_options.inv_repl + 1, StringValuePtr(v), sizeof(ox_default_options.inv_repl) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:578:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ox_default_options.strip_ns, StringValuePtr(v), sizeof(ox_default_options.strip_ns) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:592:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ox_default_options.margin, StringValuePtr(v), sizeof(ox_default_options.margin) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:594:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ox_default_options.margin_len = strlen(ox_default_options.margin); data/ruby-ox-2.11.0/ext/ox/ox.c:795:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(options.inv_repl + 1, StringValuePtr(v), sizeof(options.inv_repl) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:815:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(options.strip_ns, StringValuePtr(v), sizeof(options.strip_ns) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:828:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(options.margin, StringValuePtr(v), sizeof(options.margin) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:830:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). options.margin_len = strlen(options.margin); data/ruby-ox-2.11.0/ext/ox/ox.c:1082:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(options.strip_ns, StringValuePtr(v), sizeof(options.strip_ns) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:1209:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(copts->encoding, StringValuePtr(v), sizeof(copts->encoding) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:1236:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(copts->inv_repl + 1, StringValuePtr(v), sizeof(copts->inv_repl) - 1); data/ruby-ox-2.11.0/ext/ox/ox.c:1251:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(copts->margin, StringValuePtr(v), sizeof(copts->margin) - 1); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:145:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cnt = strlen(str); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:164:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cnt = strlen(str); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:187:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cnt = read(buf->in.fd, buf->tail, max); data/ruby-ox-2.11.0/ext/ox/sax_buf.c:199:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t cnt = strlen(src) + 1; data/ruby-ox-2.11.0/ext/ox/sax_buf.c:204:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src, cnt); ANALYSIS SUMMARY: Hits = 111 Lines analyzed = 10882 in approximately 1.27 seconds (8546 lines/second) Physical Source Lines of Code (SLOC) = 9224 Hits@level = [0] 47 [1] 34 [2] 72 [3] 0 [4] 5 [5] 0 Hits@level+ = [0+] 158 [1+] 111 [2+] 77 [3+] 5 [4+] 5 [5+] 0 Hits/KSLOC@level+ = [0+] 17.1292 [1+] 12.0338 [2+] 8.34779 [3+] 0.542064 [4+] 0.542064 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.