Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/scscp-imcce-1.0.3+ds/examples/decodeclient.c
Examining data/scscp-imcce-1.0.3+ds/examples/decodeserver.c
Examining data/scscp-imcce-1.0.3+ds/examples/decodeserverxx.cpp
Examining data/scscp-imcce-1.0.3+ds/examples/execclient.c
Examining data/scscp-imcce-1.0.3+ds/examples/remoteclient.c
Examining data/scscp-imcce-1.0.3+ds/examples/simplestclient.c
Examining data/scscp-imcce-1.0.3+ds/examples/simplestclientstreamfmtxx.cpp
Examining data/scscp-imcce-1.0.3+ds/examples/simplestclientstreamunfxx.cpp
Examining data/scscp-imcce-1.0.3+ds/examples/simplestclientxx.cpp
Examining data/scscp-imcce-1.0.3+ds/src/scscp.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpbinary.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpbinary.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpcallid.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpcallid.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpdebug.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileclient.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileio.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileio.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpfileserver.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpinternal.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpio.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpomdoc.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpoptions.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpoptions.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedurecall.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedurecall.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedurecompleted.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedurecompleted.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedureterminated.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpprocedureterminated.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpremoteobject.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpserver.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpserver.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpstatus.c
Examining data/scscp-imcce-1.0.3+ds/src/scscptags.h
Examining data/scscp-imcce-1.0.3+ds/src/scscputil.c
Examining data/scscp-imcce-1.0.3+ds/src/scscputil.h
Examining data/scscp-imcce-1.0.3+ds/src/scscpversion.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpxmlnode.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpxmlparser.c
Examining data/scscp-imcce-1.0.3+ds/src/scscpxmlparser.h
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpclientxx.cpp
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpcomputationxx.cpp
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpexception.cpp
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpserverxx.cpp
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpstream.cpp
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpstream.h
Examining data/scscp-imcce-1.0.3+ds/srcxx/scscpxx.h
Examining data/scscp-imcce-1.0.3+ds/tests/cmncalloption.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpcheckversion.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpclientsendinfo.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpcofailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpcompleted1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpcompleted2.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpgetversion.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpinterrupt.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpinvalidcmd.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpmconnect.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpnegotiationfailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpnsomi.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomf.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomfbin.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomibin.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomrbin.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomstrbin.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomv.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpomvbin.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscprawstring.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpremote1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpremote2.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpreturnoptions.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscprofailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpscconnect.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpscconnectfailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpscconnectfailed2.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpscinitfailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpsendgetallowheads.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpsendserveroption.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpserversendinfo.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.h
Examining data/scscp-imcce-1.0.3+ds/tests/scscpssinit.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpssinitfailed1.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscpterminated.c
Examining data/scscp-imcce-1.0.3+ds/tests/scscptversion.c
Examining data/scscp-imcce-1.0.3+ds/testsxx/cmncalloptionxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpclientsendinfoxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpcompleted1xx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpcompleted2xx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpinterruptxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomfbinxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomfxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomibinxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomrbinxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomstrbinxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomvbinxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpomvxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpreturnoptionsxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpscconnectfailed1xx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpscconnectfailed2xx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpscconnectxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpsendgetallowheadsxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpsendserveroptionxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpserversendinfoxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommon.h
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpssinitxx.cpp
Examining data/scscp-imcce-1.0.3+ds/testsxx/scscpterminatedxx.cpp

FINAL RESULTS:

data/scscp-imcce-1.0.3+ds/src/scscpdebug.h:68:26:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define SCSCP_debugprint printf
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:979:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(str, xmlChar2char(strxml));
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:463:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy((char *) attr->name, name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:815:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(retbuffer, node->m_content); retbuffer+=strlen(node->m_content);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:823:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(retbuffer, name); retbuffer+=strlen(name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:839:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(retbuffer, name); retbuffer+=strlen(name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:958:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  int n=sprintf(buffer,"%s=\"%s\"", attr->name, attr->m_value);
data/scscp-imcce-1.0.3+ds/src/scscpstatus.c:141:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(status->m_fullformattedmessage,format, cdname, symbolname, msg);
data/scscp-imcce-1.0.3+ds/src/scscputil.c:150:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   if (dst) strcpy(dst, src);
data/scscp-imcce-1.0.3+ds/src/scscputil.c:159:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
int snprintf(char *string, size_t n, const char *format, ...)
data/scscp-imcce-1.0.3+ds/src/scscputil.c:164:8:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
 res = vsprintf(string, format, args);
data/scscp-imcce-1.0.3+ds/src/scscputil.h:98:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf SCSCP_snprintf
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:144:11:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      if (execl("scscpservertest", "scscpservertest", bufanswer, sfd, NULL)==-1)
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:144:11:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      if (execl("scscpservertest", "scscpservertest", bufanswer, sfd, NULL)==-1)
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:180:11:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    res = CreateProcess(NULL, 
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:181:10:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
   res = CreateProcess(NULL, 
data/scscp-imcce-1.0.3+ds/examples/decodeclient.c:147:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/execclient.c:100:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/remoteclient.c:85:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/simplestclient.c:79:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/simplestclientstreamfmtxx.cpp:80:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/simplestclientstreamunfxx.cpp:142:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/examples/simplestclientxx.cpp:79:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(argv[2]);
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:237:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(c,buffloc, n);
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:486:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[3]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:487:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const char * attrname[3]={"cd","name","id" }; /* attribute name */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:513:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[2]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:514:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const char * attrname[2]={"name","id" }; /* attribute name */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:541:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[2]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:542:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const char * attrname[2]={"href","id" }; /* attribute name */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:568:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[2]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:569:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const char * attrname[2]={"hex","id" }; /* attribute name */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:570:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char valuedbl[8];
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:571:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char valuestrdbl[17];
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:572:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const unsigned char hexArray[16] = { '0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F' };
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:613:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[2]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:642:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[1]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:645:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char c4[4];
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:646:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 const char *attrname[1]={"id"};
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:666:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cstr[128];
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:667:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(cstr, "%ld", (long)c32); 
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:691:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char * name[1]; /* address of the value */
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:698:110:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  node = SCSCP_xmlnode_inittokenattrcontent(doc,owner, token,1,attrname, (char **)(&(name[1])), lenname+1 , (char *)name[0], lenname[0]);
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:718:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char c2[2];
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char szport[64];
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:174:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(szport,"%d",port);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:239:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(&adresseServeur.sin_addr.s_addr, hp->h_addr, hp->h_length);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:367:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c[SCSCP_PI_MAXLENBUFFER];
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:414:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c[SCSCP_PI_MAXLENBUFFER];
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1071:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buff+copylen, ctx->buffer, res);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1112:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ctx->buffer, buff, retval);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1148:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buff, ctx->buffer, retval);
data/scscp-imcce-1.0.3+ds/src/scscpfileio.c:161:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(io->m_bufferOutput+io->m_bufferOutputValid, buf, len);
data/scscp-imcce-1.0.3+ds/src/scscpfileio.h:71:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char m_bufferOutput[SCSCP_PI_MAXLENBUFFER+1];
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:250:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c[CIMLEN];
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:643:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     char bufferPI[SCSCP_PI_MAXLENBUFFER];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:457:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:458:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valeur,"dec=\"%+-.*E\" />",(int)DBL_DIG+1,x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:527:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:528:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(valeur,"%d",x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:534:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:535:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valeur,"%d</OMI>",x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:565:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:566:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(valeur,"%llu",(unsigned long long)x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:573:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valeur,"<OMI>%llu</OMI>",(unsigned long long)x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:603:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:604:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(valeur,"%lld",x);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:610:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char valeur[400];
data/scscp-imcce-1.0.3+ds/src/scscpio.c:611:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valeur,"%lld</OMI>",x);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:464:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(attr->m_value, value, lenvalue*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:501:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(childtext->m_content, value, lenvalue*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:536:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(node->m_binarycontent, value, lenvalue);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:838:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(retbuffer, "</"); retbuffer+=2;
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:844:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(retbuffer, "/>"); retbuffer+=2;
data/scscp-imcce-1.0.3+ds/src/scscpprocedurecall.c:803:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bufferPI[SCSCP_PI_MAXLENBUFFER];
data/scscp-imcce-1.0.3+ds/src/scscputil.c:355:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  union { long l; char c[sizeof (long)]; } u;
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:216:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[128];
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:217:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(buffer, "%d %d", value, valueref);
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:238:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[128];
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:239:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(buffer, "%23.16E %23.16E", value, valueref);
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:561:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
 return runserver(atoi(argv[1]), argc==3?atoi(argv[2]):-1);
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:561:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
 return runserver(atoi(argv[1]), argc==3?atoi(argv[2]):-1);
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:123:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char bufanswer[10];
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:124:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char sfd[10];
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:127:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
 sprintf(bufanswer, "%d",typeanswer);
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:143:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(sfd, "%d", fd[1]);
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:172:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char cmd[1024];
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:174:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(cmd,"scscpservertest.exe %d", typeanswer);
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:221:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[128];
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:222:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(buffer, "%d %d", value, valueref);
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:242:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[128];
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:243:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(buffer, "%23.16E %23.16E", value, valueref);
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:492:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
 return runserver(atoi(argv[1]), argc==3?atoi(argv[2]):-1);
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:492:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
 return runserver(atoi(argv[1]), argc==3?atoi(argv[2]):-1);
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:122:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char bufanswer[10];
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:123:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char sfd[10];
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:126:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
 sprintf(bufanswer, "%d",typeanswer);
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:143:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(sfd, "%d", fd[1]);
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:173:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char cmd[1024];
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:175:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(cmd,"scscpservertest.exe %d", typeanswer);
data/scscp-imcce-1.0.3+ds/examples/simplestclientxx.cpp:90:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 mytask.send(openmath, ::strlen(openmath), SCSCP_option_return_object);
data/scscp-imcce-1.0.3+ds/src/scscpbinary.c:669:112:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    node = SCSCP_xmlnode_inittokenattrcontent(doc, owner, token,1,attrname, (char **)name, lenname ,cstr, (int)strlen(cstr));
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:281:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         SCSCP_fileio_write(&client->m_OutStream, msg, strlen(msg)*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:449:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bres =  SCSCP_fileio_write(&client->m_OutStream,msg1, strlen(msg1)*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:450:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = SCSCP_fileio_write(&client->m_OutStream,supportedversion, strlen(supportedversion)*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:451:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = SCSCP_fileio_write(&client->m_OutStream,msg2, strlen(msg2)*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1021:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	const int lensymbol = strlen(symbol);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1196:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int lensymbol = strlen(symbol);
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1241:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     if (strncmp(ctx->pmathfind+posbuf,"cancel", strlen("cancel"))==0)
data/scscp-imcce-1.0.3+ds/src/scscpfileclient.c:1247:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     if (strncmp(ctx->pmathfind+posbuf,"end", strlen("end"))==0)
data/scscp-imcce-1.0.3+ds/src/scscpfileio.c:185:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read(io->m_fd, buf, len);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:228:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(socketid, msg, strlen(msg)*sizeof(char), 0);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:305:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bres = (send(socketid, msg1, strlen(msg1)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:306:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, server->m_services.m_servicename, strlen(server->m_services.m_servicename)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:308:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, msg2, strlen(msg2)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:309:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, server->m_services.m_serviceversion, strlen(server->m_services.m_serviceversion)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:311:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, msg3, strlen(msg3)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:312:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, server->m_services.m_serviceid, strlen(server->m_services.m_serviceid)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:314:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, msg4, strlen(msg4)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:317:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      bres = (send(socketid, server->m_services.m_allowedversions[j], strlen(server->m_services.m_allowedversions[j])*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:318:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (bres) bres = (send(socketid, " ", strlen(" ")*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:321:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bres) bres = (send(socketid, msg5, strlen(msg5)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:348:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     bres = (send(socketid, msg1, strlen(msg1)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:349:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     if (bres) bres = (send(socketid, supportedversion, strlen(supportedversion)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:350:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     if (bres) bres = (send(socketid, msg2, strlen(msg2)*sizeof(char), 0)!=SOCKET_ERROR);
data/scscp-imcce-1.0.3+ds/src/scscpfileserver.c:354:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     bres = (send(socketid, msg3, strlen(msg3)*sizeof(char), 0)!=SOCKET_ERROR);    
data/scscp-imcce-1.0.3+ds/src/scscpio.c:116:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 size_t l0=strlen(buffer);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:119:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 size_t lenid=(id==NULL?0:strlen(id));
data/scscp-imcce-1.0.3+ds/src/scscpio.c:165:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 uint32_t l1=(uint32_t)strlen(buffer1);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:166:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 uint32_t l2=(uint32_t)strlen(buffer2);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:168:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 size_t lenid=(id==NULL?0:strlen(id));
data/scscp-imcce-1.0.3+ds/src/scscpio.c:224:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   size_t lenid = strlen(id);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:316:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   res = SCSCP_fileio_write(&(*stream)->m_OutStream, buffer, strlen(buffer)*sizeof(char));
data/scscp-imcce-1.0.3+ds/src/scscpio.c:633:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   uint32_t l0=(uint32_t)strlen(buffer);
data/scscp-imcce-1.0.3+ds/src/scscpio.c:1245:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       else if (strncmp(buffer,PIinfo, strlen(PIinfo))==0)
data/scscp-imcce-1.0.3+ds/src/scscpio.c:1250:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       else if (strncmp(buffer,PIstart, strlen(PIstart))==0)
data/scscp-imcce-1.0.3+ds/src/scscpio.c:1255:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       else if (strncmp(buffer,PIquit, strlen(PIquit))==0)
data/scscp-imcce-1.0.3+ds/src/scscpio.c:1261:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       else if (strncmp(buffer,PIterminate, strlen(PIterminate))==0)
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:456:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 attr = SCSCP_omdoc_allocateattr(doc,strlen(name)+1+lenvalue+1);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:815:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   strcpy(retbuffer, node->m_content); retbuffer+=strlen(node->m_content);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:822:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(retbuffer,"<"); retbuffer++;
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:823:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   strcpy(retbuffer, name); retbuffer+=strlen(name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:826:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(retbuffer," "); retbuffer++;
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:832:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(retbuffer, ">"); retbuffer++;
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:839:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy(retbuffer, name); retbuffer+=strlen(name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:840:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(retbuffer, ">"); retbuffer++;
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:865:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   len = strlen(node->m_content);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:872:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   len = 1+strlen(name);
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:887:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len+=3+strlen(name); /* "</name>" */
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:974:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 3+strlen((char*)attr->name)+strlen(attr->m_value); /* "%s=\"%s\"", attr->name, attr->m_value*/
data/scscp-imcce-1.0.3+ds/src/scscpomdoc.c:974:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 3+strlen((char*)attr->name)+strlen(attr->m_value); /* "%s=\"%s\"", attr->name, attr->m_value*/
data/scscp-imcce-1.0.3+ds/src/scscpprocedurecall.c:356:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     size_t ncount = strlen(prefix)+100; /* for time, address and counter */
data/scscp-imcce-1.0.3+ds/src/scscpstatus.c:138:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   status->m_fullformattedmessage=(char*)SCSCP_malloc((strlen(cdname)+strlen(symbolname)+strlen(msg)+strlen(format)+2)*sizeof(char), SCSCP_STATUS_IGNORE); 
data/scscp-imcce-1.0.3+ds/src/scscpstatus.c:138:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   status->m_fullformattedmessage=(char*)SCSCP_malloc((strlen(cdname)+strlen(symbolname)+strlen(msg)+strlen(format)+2)*sizeof(char), SCSCP_STATUS_IGNORE); 
data/scscp-imcce-1.0.3+ds/src/scscpstatus.c:138:90:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   status->m_fullformattedmessage=(char*)SCSCP_malloc((strlen(cdname)+strlen(symbolname)+strlen(msg)+strlen(format)+2)*sizeof(char), SCSCP_STATUS_IGNORE); 
data/scscp-imcce-1.0.3+ds/src/scscpstatus.c:138:102:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   status->m_fullformattedmessage=(char*)SCSCP_malloc((strlen(cdname)+strlen(symbolname)+strlen(msg)+strlen(format)+2)*sizeof(char), SCSCP_STATUS_IGNORE); 
data/scscp-imcce-1.0.3+ds/src/scscputil.c:149:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   dst = (char*)SCSCP_malloc(strlen(src)+1, status);
data/scscp-imcce-1.0.3+ds/src/scscputil.c:229:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(begin, c,strlen(begin))==0) psubstr = c+strlen(begin);
data/scscp-imcce-1.0.3+ds/src/scscputil.c:229:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(begin, c,strlen(begin))==0) psubstr = c+strlen(begin);
data/scscp-imcce-1.0.3+ds/src/scscputil.c:236:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          && strncmp(versionname, psubstr,strlen(versionname))!=0)
data/scscp-imcce-1.0.3+ds/src/scscputil.c:294:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 lensubstr = strlen(substr);
data/scscp-imcce-1.0.3+ds/src/scscpxmlnode.c:499:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     if (strlen(valuestr)==16)
data/scscp-imcce-1.0.3+ds/src/scscpxmlnode.c:534:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*value==NULL || strlen(*value)==0) 
data/scscp-imcce-1.0.3+ds/src/scscpxmlparser.c:103:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (SCSCP_xmlnode_setcontent(doc, owner, (const char*)value,strlen((const char*)value))) node = owner;
data/scscp-imcce-1.0.3+ds/src/scscpxmlparser.c:115:79:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (value!=NULL) SCSCP_xmlnode_setcontent(doc, node, (const char*)value,strlen((const char*)value));
data/scscp-imcce-1.0.3+ds/src/scscpxmlparser.c:127:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         SCSCP_xmlnode_setattr(doc, node, (const char *)name, (const char *)value, strlen((const char *)value) );
data/scscp-imcce-1.0.3+ds/srcxx/scscpcomputationxx.cpp:444:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           lenbuffer = ::strlen(openmathbuffer);
data/scscp-imcce-1.0.3+ds/srcxx/scscpcomputationxx.cpp:624:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lenbuffer = ::strlen(openmathbuffer);
data/scscp-imcce-1.0.3+ds/tests/scscpservertest.c:372:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               if (strncmp(callid,"libSCSCP",strlen("libSCSCP"))==0)
data/scscp-imcce-1.0.3+ds/tests/scscpsscommon.c:158:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   nr = (int)read(fd[0], port,sizeof(*port));
data/scscp-imcce-1.0.3+ds/testsxx/cmncalloptionxx.cpp:108:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpclientsendinfoxx.cpp:113:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpcompleted1xx.cpp:120:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpcompleted2xx.cpp:192:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpinterruptxx.cpp:118:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpreturnoptionsxx.cpp:152:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpserversendinfoxx.cpp:119:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);
data/scscp-imcce-1.0.3+ds/testsxx/scscpservertestxx.cpp:372:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               if (strncmp(callid,"libSCSCP",strlen("libSCSCP"))==0)
data/scscp-imcce-1.0.3+ds/testsxx/scscpsscommonxx.cpp:159:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   nr = (int)read(fd[0], &port,sizeof(port));
data/scscp-imcce-1.0.3+ds/testsxx/scscpterminatedxx.cpp:118:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len=::strlen(cmd);

ANALYSIS SUMMARY:

Hits = 183
Lines analyzed = 24584 in approximately 0.87 seconds (28178 lines/second)
Physical Source Lines of Code (SLOC) = 11772
Hits@level = [0] 219 [1]  80 [2]  85 [3]   4 [4]  14 [5]   0
Hits@level+ = [0+] 402 [1+] 183 [2+] 103 [3+]  18 [4+]  14 [5+]   0
Hits/KSLOC@level+ = [0+] 34.1488 [1+] 15.5454 [2+] 8.74958 [3+] 1.52905 [4+] 1.18926 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.